Theory AOT_PLM

1(*<*)
2theory AOT_PLM
3  imports AOT_Axioms
4begin
5(*>*)
6
7section‹The Deductive System PLM›
8text‹\label{PLM: 9}›
9
10(* constrain sledgehammer to the abstraction layer *)
11unbundle AOT_no_atp
12
13subsection‹Primitive Rule of PLM: Modus Ponens›
14text‹\label{PLM: 9.1}›
15
16AOT_theorem "modus-ponens":
17  assumes φ and φ  ψ
18  shows ψ
19  (* NOTE: semantics needed *)
20  using assms by (simp add: AOT_sem_imp)
21lemmas MP = "modus-ponens"
22
23subsection‹(Modally Strict) Proofs and Derivations›
24text‹\label{PLM: 9.2}›
25
26AOT_theorem "non-con-thm-thm":
27  assumes  φ
28  shows  φ
29  using assms by simp
30
31AOT_theorem "vdash-properties:1[1]":
32  assumes φ  Λ
33  shows  φ
34  (* NOTE: semantics needed *)
35  using assms unfolding AOT_model_act_axiom_def by blast
36
37text‹Convenience attribute for instantiating modally-fragile axioms.›
38attribute_setup act_axiom_inst =
39  ‹Scan.succeed (Thm.rule_attribute []
40    (K (fn thm => thm RS @{thm "vdash-properties:1[1]"})))
41  "Instantiate modally fragile axiom as modally fragile theorem."
42
43AOT_theorem "vdash-properties:1[2]":
44  assumes φ  Λ
45  shows  φ
46  (* NOTE: semantics needed *)
47  using assms unfolding AOT_model_axiom_def by blast
48
49text‹Convenience attribute for instantiating modally-strict axioms.›
50attribute_setup axiom_inst =
51  ‹Scan.succeed (Thm.rule_attribute []
52    (K (fn thm => thm RS @{thm "vdash-properties:1[2]"})))
53  "Instantiate axiom as theorem."
54
55text‹Convenience methods and theorem sets for applying "cqt:2".›
56method cqt_2_lambda_inst_prover =
57  (fast intro: AOT_instance_of_cqt_2_intro)
58method "cqt:2[lambda]" =
59  (rule "cqt:2[lambda]"[axiom_inst]; cqt_2_lambda_inst_prover)
60lemmas "cqt:2" =
61  "cqt:2[const_var]"[axiom_inst] "cqt:2[lambda]"[axiom_inst]
62  AOT_instance_of_cqt_2_intro
63method "cqt:2" = (safe intro!: "cqt:2")
64
65AOT_theorem "vdash-properties:3":
66  assumes  φ
67  shows Γ  φ
68  using assms by blast
69
70AOT_theorem "vdash-properties:5":
71  assumes Γ1  φ and Γ2  φ  ψ
72  shows Γ1, Γ2  ψ
73  using MP assms by blast
74
75AOT_theorem "vdash-properties:6":
76  assumes φ and φ  ψ
77  shows ψ
78  using MP assms by blast
79
80AOT_theorem "vdash-properties:8":
81  assumes Γ  φ and φ  ψ
82  shows Γ  ψ
83  using assms by argo
84
85AOT_theorem "vdash-properties:9":
86  assumes φ
87  shows ψ  φ
88  using MP "pl:1"[axiom_inst] assms by blast
89
90AOT_theorem "vdash-properties:10":
91  assumes φ  ψ and φ
92  shows ψ
93  using MP assms by blast
94lemmas "→E" = "vdash-properties:10"
95
96subsection‹Two Fundamental Metarules: GEN and RN›
97text‹\label{PLM: 9.3}›
98
99AOT_theorem "rule-gen":
100  assumes for arbitrary α: φ{α}
101  shows α φ{α}
102  (* NOTE: semantics needed *)
103  using assms by (metis AOT_var_of_term_inverse AOT_sem_denotes AOT_sem_forall)
104lemmas GEN = "rule-gen"
105
106AOT_theorem "RN[prem]":
107  assumes Γ  φ
108  shows Γ  φ
109  by (meson AOT_sem_box assms image_iff) (* NOTE: semantics needed *)
110AOT_theorem RN:
111  assumes  φ
112  shows φ
113  using "RN[prem]" assms by blast
114
115subsection‹The Inferential Role of Definitions›
116text‹\label{PLM: 9.4}›
117
118AOT_axiom "df-rules-formulas[1]":
119  assumes φ df ψ
120  shows φ  ψ
121  (* NOTE: semantics needed *)
122  using assms
123  by (auto simp: assms AOT_model_axiomI AOT_model_equiv_def AOT_sem_imp)
124AOT_axiom "df-rules-formulas[2]":
125  assumes φ df ψ
126  shows ψ  φ
127  (* NOTE: semantics needed *)
128  using assms
129  by (auto simp: AOT_model_axiomI AOT_model_equiv_def AOT_sem_imp)
130(* NOTE: for convenience also state the above as regular theorems *)
131AOT_theorem "df-rules-formulas[3]":
132  assumes φ df ψ
133  shows φ  ψ
134  using "df-rules-formulas[1]"[axiom_inst, OF assms].
135AOT_theorem "df-rules-formulas[4]":
136  assumes φ df ψ
137  shows ψ  φ
138  using "df-rules-formulas[2]"[axiom_inst, OF assms].
139
140
141AOT_axiom "df-rules-terms[1]":
142  assumes τ{α1...αn} =df σ{α1...αn}
143  shows (σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}) &
144         (¬σ{τ1...τn}  ¬τ{τ1...τn})
145  (* NOTE: semantics needed *)
146  using assms
147  by (simp add: AOT_model_axiomI AOT_sem_conj AOT_sem_imp AOT_sem_eq
148                AOT_sem_not AOT_sem_denotes AOT_model_id_def)
149AOT_axiom "df-rules-terms[2]":
150  assumes τ =df σ
151  shows (σ  τ = σ) & (¬σ  ¬τ)
152  by (metis "df-rules-terms[1]" case_unit_Unity assms)
153(* NOTE: for convenience also state the above as regular theorems *)
154AOT_theorem "df-rules-terms[3]":
155  assumes τ{α1...αn} =df σ{α1...αn}
156  shows (σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}) &
157         (¬σ{τ1...τn}  ¬τ{τ1...τn})
158  using "df-rules-terms[1]"[axiom_inst, OF assms].
159AOT_theorem "df-rules-terms[4]":
160  assumes τ =df σ
161  shows (σ  τ = σ) & (¬σ  ¬τ)
162  using "df-rules-terms[2]"[axiom_inst, OF assms].
163
164subsection‹The Theory of Negations and Conditionals›
165text‹\label{PLM: 9.5}›
166
167AOT_theorem "if-p-then-p": φ  φ
168  by (meson "pl:1"[axiom_inst] "pl:2"[axiom_inst] MP)
169
170AOT_theorem "deduction-theorem":
171  assumes φ  ψ
172  shows φ  ψ
173  (* NOTE: semantics needed *)
174  using assms by (simp add: AOT_sem_imp)
175lemmas CP = "deduction-theorem"
176lemmas "→I" = "deduction-theorem"
177
178AOT_theorem "ded-thm-cor:1":
179  assumes Γ1  φ  ψ and Γ2  ψ  χ
180  shows Γ1, Γ2  φ  χ
181  using "→E" "→I" assms by blast
182AOT_theorem "ded-thm-cor:2":
183  assumes Γ1  φ  (ψ  χ) and Γ2  ψ
184  shows Γ1, Γ2  φ  χ
185  using "→E" "→I" assms by blast
186
187AOT_theorem "ded-thm-cor:3":
188  assumes φ  ψ and ψ  χ
189  shows φ  χ
190  using "→E" "→I" assms by blast
191declare "ded-thm-cor:3"[trans]
192AOT_theorem "ded-thm-cor:4":
193  assumes φ  (ψ  χ) and ψ
194  shows φ  χ
195  using "→E" "→I" assms by blast
196
197lemmas "Hypothetical Syllogism" = "ded-thm-cor:3"
198
199AOT_theorem "useful-tautologies:1": ¬¬φ  φ
200  by (metis "pl:3"[axiom_inst] "→I" "Hypothetical Syllogism")
201AOT_theorem "useful-tautologies:2": φ  ¬¬φ
202  by (metis "pl:3"[axiom_inst] "→I" "ded-thm-cor:4")
203AOT_theorem "useful-tautologies:3": ¬φ  (φ  ψ)
204  by (meson "ded-thm-cor:4" "pl:3"[axiom_inst] "→I")
205AOT_theorem "useful-tautologies:4": (¬ψ  ¬φ)  (φ  ψ)
206  by (meson "pl:3"[axiom_inst] "Hypothetical Syllogism" "→I")
207AOT_theorem "useful-tautologies:5": (φ  ψ)  (¬ψ  ¬φ)
208  by (metis "useful-tautologies:4" "Hypothetical Syllogism" "→I")
209
210AOT_theorem "useful-tautologies:6": (φ  ¬ψ)  (ψ  ¬φ)
211  by (metis "→I" MP "useful-tautologies:4")
212
213AOT_theorem "useful-tautologies:7": (¬φ  ψ)  (¬ψ  φ)
214  by (metis "→I" MP "useful-tautologies:3" "useful-tautologies:5")
215
216AOT_theorem "useful-tautologies:8": φ  (¬ψ  ¬(φ  ψ))
217  by (metis "→I" MP "useful-tautologies:5")
218
219AOT_theorem "useful-tautologies:9": (φ  ψ)  ((¬φ  ψ)  ψ)
220  by (metis "→I" MP "useful-tautologies:6")
221
222AOT_theorem "useful-tautologies:10": (φ  ¬ψ)  ((φ  ψ)  ¬φ)
223  by (metis "→I" MP "pl:3"[axiom_inst])
224
225AOT_theorem "dn-i-e:1":
226  assumes φ
227  shows ¬¬φ
228  using MP "useful-tautologies:2" assms by blast
229lemmas "¬¬I" = "dn-i-e:1"
230AOT_theorem "dn-i-e:2":
231  assumes ¬¬φ
232  shows φ
233  using MP "useful-tautologies:1" assms by blast
234lemmas "¬¬E" = "dn-i-e:2"
235
236AOT_theorem "modus-tollens:1":
237  assumes φ  ψ and ¬ψ
238  shows ¬φ
239  using MP "useful-tautologies:5" assms by blast
240AOT_theorem "modus-tollens:2":
241  assumes φ  ¬ψ and ψ
242  shows ¬φ
243  using "¬¬I" "modus-tollens:1" assms by blast
244lemmas MT = "modus-tollens:1" "modus-tollens:2"
245
246AOT_theorem "contraposition:1[1]":
247  assumes φ  ψ
248  shows ¬ψ  ¬φ
249  using "→I" MT(1) assms by blast
250AOT_theorem "contraposition:1[2]":
251  assumes ¬ψ  ¬φ
252  shows φ  ψ
253  using "→I" "¬¬E" MT(2) assms by blast
254
255AOT_theorem "contraposition:2":
256  assumes φ  ¬ψ
257  shows ψ  ¬φ
258  using "→I" MT(2) assms by blast
259
260(* Note: this is actually a mixture of the two variants given in PLM. *)
261AOT_theorem "reductio-aa:1":
262  assumes ¬φ  ¬ψ and ¬φ  ψ
263  shows φ
264  using "→I" "¬¬E" MT(2) assms by blast
265AOT_theorem "reductio-aa:2":
266  assumes φ  ¬ψ and φ  ψ
267  shows ¬φ
268  using "reductio-aa:1" assms by blast
269lemmas "RAA" = "reductio-aa:1" "reductio-aa:2"
270
271AOT_theorem "exc-mid": φ  ¬φ
272  using "df-rules-formulas[4]" "if-p-then-p" MP
273        "conventions:2" by blast
274
275AOT_theorem "non-contradiction": ¬(φ & ¬φ)
276  using "df-rules-formulas[3]" MT(2) "useful-tautologies:2"
277        "conventions:1" by blast
278
279AOT_theorem "con-dis-taut:1": (φ & ψ)  φ
280  by (meson "→I" "df-rules-formulas[3]" MP RAA(1) "conventions:1")
281AOT_theorem "con-dis-taut:2": (φ & ψ)  ψ
282  by (metis "→I" "df-rules-formulas[3]" MT(2) RAA(2)
283            "¬¬E" "conventions:1")
284lemmas "Conjunction Simplification" = "con-dis-taut:1" "con-dis-taut:2"
285
286AOT_theorem "con-dis-taut:3": φ  (φ  ψ)
287  by (meson "contraposition:1[2]" "df-rules-formulas[4]"
288            MP "→I" "conventions:2")
289AOT_theorem "con-dis-taut:4": ψ  (φ  ψ)
290  using "Hypothetical Syllogism" "df-rules-formulas[4]"
291        "pl:1"[axiom_inst] "conventions:2" by blast
292lemmas "Disjunction Addition" = "con-dis-taut:3" "con-dis-taut:4"
293
294AOT_theorem "con-dis-taut:5": φ  (ψ  (φ & ψ))
295  by (metis "contraposition:2" "Hypothetical Syllogism" "→I"
296            "df-rules-formulas[4]" "conventions:1")
297lemmas Adjunction = "con-dis-taut:5"
298
299AOT_theorem "con-dis-taut:6": (φ & φ)  φ
300  by (metis Adjunction "→I" "df-rules-formulas[4]" MP
301            "Conjunction Simplification"(1) "conventions:3")
302lemmas "Idempotence of &" = "con-dis-taut:6"
303
304AOT_theorem "con-dis-taut:7": (φ  φ)  φ
305proof -
306  {
307    AOT_assume φ  φ
308    AOT_hence ¬φ  φ
309      using "conventions:2"[THEN "df-rules-formulas[3]"] MP by blast
310    AOT_hence φ using "if-p-then-p" RAA(1) MP by blast
311  }
312  moreover {
313    AOT_assume φ
314    AOT_hence φ  φ using "Disjunction Addition"(1) MP by blast
315  }
316  ultimately AOT_show (φ  φ)  φ
317    using "conventions:3"[THEN "df-rules-formulas[4]"] MP
318    by (metis Adjunction "→I")
319qed
320lemmas "Idempotence of ∨" = "con-dis-taut:7"
321
322
323AOT_theorem "con-dis-i-e:1":
324  assumes φ and ψ
325  shows φ & ψ
326  using Adjunction MP assms by blast
327lemmas "&I" = "con-dis-i-e:1"
328
329AOT_theorem "con-dis-i-e:2:a":
330  assumes φ & ψ
331  shows φ
332  using "Conjunction Simplification"(1) MP assms by blast
333AOT_theorem "con-dis-i-e:2:b":
334  assumes φ & ψ
335  shows ψ
336  using "Conjunction Simplification"(2) MP assms by blast
337lemmas "&E" = "con-dis-i-e:2:a" "con-dis-i-e:2:b"
338
339AOT_theorem "con-dis-i-e:3:a":
340  assumes φ
341  shows φ  ψ
342  using "Disjunction Addition"(1) MP assms by blast
343AOT_theorem "con-dis-i-e:3:b":
344  assumes ψ
345  shows φ  ψ
346  using "Disjunction Addition"(2) MP assms by blast
347AOT_theorem "con-dis-i-e:3:c":
348  assumes φ  ψ and φ  χ and ψ  Θ
349  shows χ  Θ
350  by (metis "con-dis-i-e:3:a" "Disjunction Addition"(2)
351            "df-rules-formulas[3]" MT(1) RAA(1)
352            "conventions:2" assms)
353lemmas "∨I" = "con-dis-i-e:3:a" "con-dis-i-e:3:b" "con-dis-i-e:3:c"
354
355AOT_theorem "con-dis-i-e:4:a":
356  assumes φ  ψ and φ  χ and ψ  χ
357  shows χ
358  by (metis MP RAA(2) "df-rules-formulas[3]" "conventions:2" assms)
359AOT_theorem "con-dis-i-e:4:b":
360  assumes φ  ψ and ¬φ
361  shows ψ
362  using "con-dis-i-e:4:a" RAA(1) "→I" assms by blast
363AOT_theorem "con-dis-i-e:4:c":
364  assumes φ  ψ and ¬ψ
365  shows φ
366  using "con-dis-i-e:4:a" RAA(1) "→I" assms by blast
367lemmas "∨E" = "con-dis-i-e:4:a" "con-dis-i-e:4:b" "con-dis-i-e:4:c"
368
369AOT_theorem "raa-cor:1":
370  assumes ¬φ  ψ & ¬ψ
371  shows φ
372  using "&E" "∨E"(3) "∨I"(2) RAA(2) assms by blast
373AOT_theorem "raa-cor:2":
374  assumes φ  ψ & ¬ψ
375  shows ¬φ
376  using "raa-cor:1" assms by blast
377AOT_theorem "raa-cor:3":
378  assumes φ and ¬ψ  ¬φ
379  shows ψ
380  using RAA assms by blast
381AOT_theorem "raa-cor:4":
382  assumes ¬φ and ¬ψ  φ
383  shows ψ
384  using RAA assms by blast
385AOT_theorem "raa-cor:5":
386  assumes φ and ψ  ¬φ
387  shows ¬ψ
388  using RAA assms by blast
389AOT_theorem "raa-cor:6":
390  assumes ¬φ and ψ  φ
391  shows ¬ψ
392  using RAA assms by blast
393
394AOT_theorem "oth-class-taut:1:a": (φ  ψ)  ¬(φ & ¬ψ)
395  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
396     (metis "&E" "&I" "raa-cor:3" "→I" MP)
397AOT_theorem "oth-class-taut:1:b": ¬(φ  ψ)  (φ & ¬ψ)
398  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
399     (metis "&E" "&I" "raa-cor:3" "→I" MP)
400AOT_theorem "oth-class-taut:1:c": (φ  ψ)  (¬φ  ψ)
401  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
402     (metis "&I" "∨I"(1, 2) "∨E"(3) "→I" MP "raa-cor:1")
403
404AOT_theorem "oth-class-taut:2:a": (φ & ψ)  (ψ & φ)
405  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
406     (meson "&I" "&E" "→I")
407lemmas "Commutativity of &" = "oth-class-taut:2:a"
408AOT_theorem "oth-class-taut:2:b": (φ & (ψ & χ))  ((φ & ψ) & χ)
409  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
410     (metis "&I" "&E" "→I")
411lemmas "Associativity of &" = "oth-class-taut:2:b"
412AOT_theorem "oth-class-taut:2:c": (φ  ψ)  (ψ  φ)
413  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
414     (metis "&I" "∨I"(1, 2) "∨E"(1) "→I")
415lemmas "Commutativity of ∨" = "oth-class-taut:2:c"
416AOT_theorem "oth-class-taut:2:d": (φ  (ψ  χ))  ((φ  ψ)  χ)
417  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
418     (metis "&I" "∨I"(1, 2) "∨E"(1) "→I")
419lemmas "Associativity of ∨" = "oth-class-taut:2:d"
420AOT_theorem "oth-class-taut:2:e": (φ  ψ)  (ψ  φ)
421  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]; rule "&I";
422      metis "&I" "df-rules-formulas[4]" "conventions:3" "&E"
423            "Hypothetical Syllogism" "→I" "df-rules-formulas[3]")
424lemmas "Commutativity of ≡" = "oth-class-taut:2:e"
425AOT_theorem "oth-class-taut:2:f": (φ  (ψ  χ))  ((φ  ψ)  χ)
426  using "conventions:3"[THEN "df-rules-formulas[4]"]
427        "conventions:3"[THEN "df-rules-formulas[3]"]
428        "→I" "→E" "&E" "&I"
429  by metis
430lemmas "Associativity of ≡" = "oth-class-taut:2:f"
431
432AOT_theorem "oth-class-taut:3:a": φ  φ
433  using "&I" "vdash-properties:6" "if-p-then-p"
434        "df-rules-formulas[4]" "conventions:3" by blast
435AOT_theorem "oth-class-taut:3:b": φ  ¬¬φ
436  using "&I" "useful-tautologies:1" "useful-tautologies:2" "→E"
437        "df-rules-formulas[4]" "conventions:3" by blast
438AOT_theorem "oth-class-taut:3:c": ¬(φ  ¬φ)
439  by (metis "&E" "→E" RAA "df-rules-formulas[3]" "conventions:3")
440
441AOT_theorem "oth-class-taut:4:a": (φ  ψ)  ((ψ  χ)  (φ  χ))
442  by (metis "→E" "→I")
443AOT_theorem "oth-class-taut:4:b": (φ  ψ)  (¬φ  ¬ψ)
444  using "conventions:3"[THEN "df-rules-formulas[4]"]
445        "conventions:3"[THEN "df-rules-formulas[3]"]
446        "→I" "→E" "&E" "&I" RAA by metis
447AOT_theorem "oth-class-taut:4:c": (φ  ψ)  ((φ  χ)  (ψ  χ))
448  using "conventions:3"[THEN "df-rules-formulas[4]"]
449        "conventions:3"[THEN "df-rules-formulas[3]"]
450        "→I" "→E" "&E" "&I" by metis
451AOT_theorem "oth-class-taut:4:d": (φ  ψ)  ((χ  φ)  (χ  ψ))
452  using "conventions:3"[THEN "df-rules-formulas[4]"]
453        "conventions:3"[THEN "df-rules-formulas[3]"]
454        "→I" "→E" "&E" "&I" by metis
455AOT_theorem "oth-class-taut:4:e": (φ  ψ)  ((φ & χ)  (ψ & χ))
456  using "conventions:3"[THEN "df-rules-formulas[4]"]
457        "conventions:3"[THEN "df-rules-formulas[3]"]
458        "→I" "→E" "&E" "&I" by metis
459AOT_theorem "oth-class-taut:4:f": (φ  ψ)  ((χ & φ)  (χ & ψ))
460  using "conventions:3"[THEN "df-rules-formulas[4]"]
461        "conventions:3"[THEN "df-rules-formulas[3]"]
462        "→I" "→E" "&E" "&I" by metis
463AOT_theorem "oth-class-taut:4:g": (φ  ψ)  ((φ & ψ)  (¬φ & ¬ψ))
464proof(safe intro!: "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]
465                   "&I" "→I"
466           dest!: "conventions:3"[THEN "df-rules-formulas[3]", THEN "→E"])
467  AOT_show φ & ψ  (¬φ & ¬ψ) if (φ  ψ) & (ψ  φ)
468    using "&E" "∨I" "→E" "&I" "raa-cor:1" "→I" "∨E" that by metis
469next
470  AOT_show ψ if φ & ψ  (¬φ & ¬ψ) and φ
471    using that "∨E" "&E" "raa-cor:3" by blast
472next
473  AOT_show φ if φ & ψ  (¬φ & ¬ψ) and ψ
474    using that "∨E" "&E" "raa-cor:3" by blast
475qed
476AOT_theorem "oth-class-taut:4:h": ¬(φ  ψ)  ((φ & ¬ψ)  (¬φ & ψ))
477proof (safe intro!: "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]
478                    "&I" "→I")
479  AOT_show φ & ¬ψ  (¬φ & ψ) if ¬(φ  ψ)
480    by (metis that "&I" "∨I"(1, 2) "→I" MT(1) "df-rules-formulas[4]"
481              "raa-cor:3" "conventions:3")
482next
483  AOT_show ¬(φ  ψ) if φ & ¬ψ  (¬φ & ψ)
484    by (metis that "&E" "∨E"(2) "→E" "df-rules-formulas[3]"
485              "raa-cor:3" "conventions:3")
486qed
487AOT_theorem "oth-class-taut:5:a": (φ & ψ)  ¬(¬φ  ¬ψ)
488  using "conventions:3"[THEN "df-rules-formulas[4]"]
489        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
490AOT_theorem "oth-class-taut:5:b": (φ  ψ)  ¬(¬φ & ¬ψ)
491  using "conventions:3"[THEN "df-rules-formulas[4]"]
492        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
493AOT_theorem "oth-class-taut:5:c": ¬(φ & ψ)  (¬φ  ¬ψ)
494  using "conventions:3"[THEN "df-rules-formulas[4]"]
495        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
496AOT_theorem "oth-class-taut:5:d": ¬(φ  ψ)  (¬φ & ¬ψ)
497  using "conventions:3"[THEN "df-rules-formulas[4]"]
498        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
499
500lemmas DeMorgan = "oth-class-taut:5:c" "oth-class-taut:5:d"
501
502AOT_theorem "oth-class-taut:6:a":
503  (φ & (ψ  χ))  ((φ & ψ)  (φ & χ))
504  using "conventions:3"[THEN "df-rules-formulas[4]"]
505        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
506AOT_theorem "oth-class-taut:6:b":
507  (φ  (ψ & χ))  ((φ  ψ) & (φ  χ))
508  using "conventions:3"[THEN "df-rules-formulas[4]"]
509        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
510
511AOT_theorem "oth-class-taut:7:a": ((φ & ψ)  χ)  (φ  (ψ  χ))
512  by (metis "&I" "→E" "→I")
513lemmas Exportation = "oth-class-taut:7:a"
514AOT_theorem "oth-class-taut:7:b": (φ  (ψ χ))  ((φ & ψ)  χ)
515  by (metis "&E" "→E" "→I")
516lemmas Importation = "oth-class-taut:7:b"
517
518AOT_theorem "oth-class-taut:8:a":
519  (φ  (ψ  χ))  (ψ  (φ  χ))
520  using "conventions:3"[THEN "df-rules-formulas[4]"] "→I" "→E" "&E" "&I"
521  by metis
522lemmas Permutation = "oth-class-taut:8:a"
523AOT_theorem "oth-class-taut:8:b":
524  (φ  ψ)  ((φ  χ)  (φ  (ψ & χ)))
525  by (metis "&I" "→E" "→I")
526lemmas Composition = "oth-class-taut:8:b"
527AOT_theorem "oth-class-taut:8:c":
528  (φ  χ)  ((ψ  χ)  ((φ  ψ)  χ))
529  by (metis "∨E"(2) "→E" "→I" RAA(1))
530AOT_theorem "oth-class-taut:8:d":
531  ((φ  ψ) & (χ  Θ))  ((φ & χ)  (ψ & Θ))
532  by (metis "&E" "&I" "→E" "→I")
533lemmas "Double Composition" = "oth-class-taut:8:d"
534AOT_theorem "oth-class-taut:8:e":
535  ((φ & ψ)  (φ & χ))  (φ  (ψ  χ))
536  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
537            "conventions:3"[THEN "df-rules-formulas[3]"]
538            "→I" "→E" "&E" "&I")
539AOT_theorem "oth-class-taut:8:f":
540  ((φ & ψ)  (χ & ψ))  (ψ  (φ  χ))
541  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
542            "conventions:3"[THEN "df-rules-formulas[3]"]
543            "→I" "→E" "&E" "&I")
544AOT_theorem "oth-class-taut:8:g":
545  (ψ  χ)  ((φ  ψ)  (φ  χ))
546  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
547            "conventions:3"[THEN "df-rules-formulas[3]"]
548            "→I" "→E" "&E" "&I" "∨I" "∨E"(1))
549AOT_theorem "oth-class-taut:8:h":
550  (ψ  χ)  ((ψ  φ)  (χ  φ))
551  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
552            "conventions:3"[THEN "df-rules-formulas[3]"]
553            "→I" "→E" "&E" "&I" "∨I" "∨E"(1))
554AOT_theorem "oth-class-taut:8:i":
555  (φ  (ψ & χ))  (ψ  (φ  χ))
556  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
557            "conventions:3"[THEN "df-rules-formulas[3]"]
558            "→I" "→E" "&E" "&I")
559
560AOT_theorem "intro-elim:1":
561  assumes φ  ψ and φ  χ and ψ  Θ
562  shows χ  Θ
563  by (metis assms "∨I"(1, 2) "∨E"(1) "→I" "→E" "&E"(1)
564            "conventions:3"[THEN "df-rules-formulas[3]"])
565
566AOT_theorem "intro-elim:2":
567  assumes φ  ψ and ψ  φ
568  shows φ  ψ
569  by (meson "&I" "conventions:3" "df-rules-formulas[4]" MP assms)
570lemmas "≡I" = "intro-elim:2"
571
572AOT_theorem "intro-elim:3:a":
573  assumes φ  ψ and φ
574  shows ψ
575  by (metis "∨I"(1) "→I" "∨E"(1) "intro-elim:1" assms)
576AOT_theorem "intro-elim:3:b":
577  assumes φ  ψ and ψ
578  shows φ
579  using "intro-elim:3:a" "Commutativity of ≡" assms by blast
580AOT_theorem "intro-elim:3:c":
581  assumes φ  ψ and ¬φ
582  shows ¬ψ
583  using "intro-elim:3:b" "raa-cor:3" assms by blast
584AOT_theorem "intro-elim:3:d":
585  assumes φ  ψ and ¬ψ
586  shows ¬φ
587  using "intro-elim:3:a" "raa-cor:3" assms by blast
588AOT_theorem "intro-elim:3:e":
589  assumes φ  ψ and ψ  χ
590  shows φ  χ
591  by (metis "≡I" "→I" "intro-elim:3:a" "intro-elim:3:b" assms)
592declare "intro-elim:3:e"[trans]
593AOT_theorem "intro-elim:3:f":
594  assumes φ  ψ and φ  χ
595  shows χ  ψ
596  by (metis "≡I" "→I" "intro-elim:3:a" "intro-elim:3:b" assms)
597lemmas "≡E" = "intro-elim:3:a" "intro-elim:3:b" "intro-elim:3:c"
598              "intro-elim:3:d" "intro-elim:3:e" "intro-elim:3:f"
599
600declare "Commutativity of ≡"[THEN "≡E"(1), sym]
601
602AOT_theorem "rule-eq-df:1":
603  assumes φ df ψ
604  shows φ  ψ
605  by (simp add: "≡I" "df-rules-formulas[3]" "df-rules-formulas[4]" assms)
606lemmas "≡Df" = "rule-eq-df:1"
607AOT_theorem "rule-eq-df:2":
608  assumes φ df ψ and φ
609  shows ψ
610  using "≡Df" "≡E"(1) assms by blast
611lemmas "≡dfE" = "rule-eq-df:2"
612AOT_theorem "rule-eq-df:3":
613  assumes φ df ψ and ψ
614  shows φ
615  using "≡Df" "≡E"(2) assms by blast
616lemmas "≡dfI" = "rule-eq-df:3"
617
618AOT_theorem  "df-simplify:1":
619  assumes φ  (ψ & χ) and ψ
620  shows φ  χ
621  by (metis "&E"(2) "&I" "≡E"(1, 2) "≡I" "→I" assms)
622(* Note: this is a slight variation from PLM *)
623AOT_theorem  "df-simplify:2":
624  assumes φ  (ψ & χ) and χ
625  shows φ  ψ
626  by (metis "&E"(1) "&I" "≡E"(1, 2) "≡I" "→I" assms)
627lemmas "≡S" = "df-simplify:1"  "df-simplify:2"
628
629subsection‹The Theory of Quantification›
630text‹\label{PLM: 9.6}›
631
632AOT_theorem "rule-ui:1":
633  assumes α φ{α} and τ
634  shows φ{τ}
635  using "→E" "cqt:1"[axiom_inst] assms by blast
636AOT_theorem "rule-ui:2[const_var]":
637  assumes α φ{α}
638  shows φ{β}
639  by (simp add: "rule-ui:1" "cqt:2[const_var]"[axiom_inst] assms)
640AOT_theorem "rule-ui:2[lambda]":
641  assumes F φ{F} and INSTANCE_OF_CQT_2(ψ)
642  shows φ{ν1...νn ψ{ν1...νn}]}
643  by (simp add: "rule-ui:1" "cqt:2[lambda]"[axiom_inst] assms)
644AOT_theorem "rule-ui:3":
645  assumes α φ{α}
646  shows φ{α}
647  by (simp add: "rule-ui:2[const_var]" assms)
648lemmas "∀E" = "rule-ui:1" "rule-ui:2[const_var]"
649              "rule-ui:2[lambda]" "rule-ui:3"
650
651AOT_theorem "cqt-orig:1[const_var]": α φ{α}  φ{β}
652  by (simp add: "∀E"(2) "→I")
653AOT_theorem "cqt-orig:1[lambda]":
654  assumes INSTANCE_OF_CQT_2(ψ)
655  shows F φ{F}  φ{ν1...νn ψ{ν1...νn}]}
656  by (simp add: "∀E"(3) "→I" assms)
657AOT_theorem "cqt-orig:2": α (φ  ψ{α})  (φ  α ψ{α})
658  by (metis "→I" GEN "vdash-properties:6" "∀E"(4))
659AOT_theorem "cqt-orig:3": α φ{α}  φ{α}
660  using "cqt-orig:1[const_var]".
661
662AOT_theorem universal:
663  assumes for arbitrary β: φ{β}
664  shows α φ{α}
665  using GEN assms .
666lemmas "∀I" = universal
667
668(* Generalized mechanism for "∀I" followed by ∀E *)
669ML670fun get_instantiated_allI ctxt varname thm = let
671val trm = Thm.concl_of thm
672val trm =
673  case trm of (@{const Trueprop} $ (@{const AOT_model_valid_in} $ _ $ x)) => x
674  | _ => raise Term.TERM ("Expected simple theorem.", [trm])
675fun extractVars (Const (const_name‹AOT_term_of_var›, _) $ Var v) =
676    (* TODO: better handling of indices *)
677    (if fst (fst v) = fst varname then [Var v] else [])
678  | extractVars (t1 $ t2) = extractVars t1 @ extractVars t2
679  | extractVars (Abs (_, _, t)) = extractVars t
680  | extractVars _ = []
681val vars = extractVars trm
682val vars = fold Term.add_vars vars []
683val var = hd vars
684val trmty =
685  case (snd var) of (Type (type_name‹AOT_var›, [t])) => (t)
686  | _ => raise Term.TYPE ("Expected variable type.", [snd var], [Var var])
687val trm = Abs (Term.string_of_vname (fst var), trmty, Term.abstract_over (
688      Const (const_name‹AOT_term_of_var›, Type ("fun", [snd var, trmty]))
689       $ Var var, trm))
690val trm = Thm.cterm_of (Context.proof_of ctxt) trm
691val ty = hd (Term.add_tvars (Thm.prop_of @{thm "∀I"}) [])
692val typ = Thm.ctyp_of (Context.proof_of ctxt) trmty
693fun TVars_make x = x (* Next Isabelle release: = TVars.make x *)
694val TVars_empty = [] (* Next Isabelle release: = TVars.empty *)
695fun Vars_make x = x (* Next Isabelle release: = Vars.make x *)
696val Vars_empty = [] (* Next Isabelle release: = Vars.empty *)
697val allthm = Drule.instantiate_normalize (TVars_make [(ty, typ)],Vars_empty) @{thm "∀I"}
698val phi = hd (Term.add_vars (Thm.prop_of allthm) [])
699val allthm = Drule.instantiate_normalize (TVars_empty, Vars_make [(phi,trm)]) allthm
700in
701allthm
702end
703
704
705attribute_setup "∀I" =
706  ‹Scan.lift (Scan.repeat1 Args.var) >> (fn args => Thm.rule_attribute []
707  (fn ctxt => fn thm => fold (fn arg => fn thm =>
708    thm RS get_instantiated_allI ctxt arg thm) args thm))
709  "Quantify over a variable in a theorem using GEN."
710
711attribute_setup "unvarify" =
712  ‹Scan.lift (Scan.repeat1 Args.var) >> (fn args => Thm.rule_attribute []
713  (fn ctxt => fn thm =>
714    let
715      fun get_inst_allI arg thm = thm RS get_instantiated_allI ctxt arg thm
716      val thm = fold get_inst_allI args thm
717      val thm = fold (K (fn thm => thm RS @{thm "∀E"(1)})) args thm
718    in
719     thm
720    end))
721  "Generalize a statement about variables to a statement about denoting terms."
722
723(* Note: rereplace-lem does not apply to the embedding *)
724
725AOT_theorem "cqt-basic:1": αβ φ{α,β}  βα φ{α,β}
726  by (metis "≡I" "∀E"(2) "∀I" "→I")
727
728AOT_theorem "cqt-basic:2":
729  α(φ{α}  ψ{α})  (α(φ{α}  ψ{α}) & α(ψ{α}  φ{α}))
730proof (rule "≡I"; rule "→I")
731  AOT_assume α(φ{α}  ψ{α})
732  AOT_hence φ{α}  ψ{α} for α using "∀E"(2) by blast
733  AOT_hence φ{α}  ψ{α} and ψ{α}  φ{α} for α
734    using "≡E"(1,2) "→I" by blast+
735  AOT_thus α(φ{α}  ψ{α}) & α(ψ{α}  φ{α})
736    by (auto intro: "&I" "∀I")
737next
738  AOT_assume α(φ{α}  ψ{α}) & α(ψ{α}  φ{α})
739  AOT_hence φ{α}  ψ{α} and ψ{α}  φ{α} for α
740    using "∀E"(2) "&E" by blast+
741  AOT_hence φ{α}  ψ{α} for α
742    using "≡I" by blast
743  AOT_thus α(φ{α}  ψ{α}) by (auto intro: "∀I")
744qed
745
746AOT_theorem "cqt-basic:3": α(φ{α}  ψ{α})  (α φ{α}  α ψ{α})
747proof(rule "→I")
748  AOT_assume α(φ{α}  ψ{α})
749  AOT_hence 1: φ{α}  ψ{α} for α using "∀E"(2) by blast
750  {
751    AOT_assume α φ{α}
752    AOT_hence α ψ{α} using 1 "∀I" "∀E"(4) "≡E" by metis
753  }
754  moreover {
755    AOT_assume α ψ{α}
756    AOT_hence α φ{α} using 1 "∀I" "∀E"(4) "≡E" by metis
757  }
758  ultimately AOT_show α φ{α}  α ψ{α}
759    using "≡I" "→I" by auto
760qed
761
762AOT_theorem "cqt-basic:4": α(φ{α} & ψ{α})  (α φ{α} & α ψ{α})
763proof(rule "→I")
764  AOT_assume 0: α(φ{α} & ψ{α})
765  AOT_have φ{α} and ψ{α} for α using "∀E"(2) 0 "&E" by blast+
766  AOT_thus α φ{α} & α ψ{α}
767    by (auto intro: "∀I" "&I")
768qed
769
770AOT_theorem "cqt-basic:5": (α1...∀αn(φ{α1...αn}))  φ{α1...αn}
771  using "cqt-orig:3" by blast
772
773AOT_theorem "cqt-basic:6": αα φ{α}  α φ{α}
774  by (meson "≡I" "→I" GEN "cqt-orig:1[const_var]")
775
776AOT_theorem "cqt-basic:7": (φ  α ψ{α})  α(φ  ψ{α})
777  by (metis "→I" "vdash-properties:6" "rule-ui:3" "≡I" GEN)
778
779AOT_theorem "cqt-basic:8": (α φ{α}  α ψ{α})  α (φ{α}  ψ{α})
780  by (simp add: "∨I"(3) "→I" GEN "cqt-orig:1[const_var]")
781
782AOT_theorem "cqt-basic:9":
783  (α (φ{α}  ψ{α}) & α (ψ{α}  χ{α}))  α(φ{α}  χ{α})
784proof -
785  {
786    AOT_assume α (φ{α}  ψ{α})
787    moreover AOT_assume α (ψ{α}  χ{α})
788    ultimately AOT_have φ{α}  ψ{α} and ψ{α}  χ{α} for α
789      using "∀E" by blast+
790    AOT_hence φ{α}  χ{α} for α by (metis "→E" "→I")
791    AOT_hence α(φ{α}  χ{α}) using "∀I" by fast
792  }
793  thus ?thesis using "&I" "→I" "&E" by meson
794qed
795
796AOT_theorem "cqt-basic:10":
797  (α(φ{α}  ψ{α}) & α(ψ{α}  χ{α}))  α (φ{α}  χ{α})
798proof(rule "→I"; rule "∀I")
799  fix β
800  AOT_assume α(φ{α}  ψ{α}) & α(ψ{α}  χ{α})
801  AOT_hence φ{β}  ψ{β} and ψ{β}  χ{β} using "&E" "∀E" by blast+
802  AOT_thus φ{β}  χ{β} using "≡I" "≡E" by blast
803qed
804
805AOT_theorem "cqt-basic:11": α(φ{α}  ψ{α})  α (ψ{α}  φ{α})
806proof (rule "≡I"; rule "→I")
807  AOT_assume 0: α(φ{α}  ψ{α})
808  {
809    fix α
810    AOT_have φ{α}  ψ{α} using 0 "∀E" by blast
811    AOT_hence ψ{α}  φ{α} using "≡I" "≡E" "→I" "→E" by metis
812  }
813  AOT_thus α(ψ{α}  φ{α}) using "∀I" by fast
814next
815  AOT_assume 0: α(ψ{α}  φ{α})
816  {
817    fix α
818    AOT_have ψ{α}  φ{α} using 0 "∀E" by blast
819    AOT_hence φ{α}  ψ{α} using "≡I" "≡E" "→I" "→E" by metis
820  }
821  AOT_thus α(φ{α}  ψ{α}) using "∀I" by fast
822qed
823
824AOT_theorem "cqt-basic:12": α φ{α}  α (ψ{α}  φ{α})
825  by (simp add: "∀E"(2) "→I" GEN)
826
827AOT_theorem "cqt-basic:13": α φ{α}  β φ{β}
828  using "≡I" "→I" by blast
829
830AOT_theorem "cqt-basic:14":
831  (α1...∀αn (φ{α1...αn}  ψ{α1...αn})) 
832   ((α1...∀αn φ{α1...αn})  (α1...∀αn ψ{α1...αn}))
833  using "cqt:3"[axiom_inst] by auto
834
835AOT_theorem "cqt-basic:15":
836  (α1...∀αn (φ  ψ{α1...αn}))  (φ  (α1...∀αn ψ{α1...αn}))
837  using "cqt-orig:2" by auto
838
839AOT_theorem "universal-cor":
840  assumes for arbitrary β: φ{β}
841  shows α φ{α}
842  using GEN assms .
843
844AOT_theorem "existential:1":
845  assumes φ{τ} and τ
846  shows α φ{α}
847proof(rule "raa-cor:1")
848  AOT_assume ¬α φ{α}
849  AOT_hence α ¬φ{α}
850    using "≡dfI" "conventions:4" RAA "&I" by blast
851  AOT_hence ¬φ{τ} using assms(2) "∀E"(1) "→E" by blast
852  AOT_thus φ{τ} & ¬φ{τ} using assms(1) "&I" by blast
853qed
854
855AOT_theorem "existential:2[const_var]":
856  assumes φ{β}
857  shows α φ{α}
858  using "existential:1" "cqt:2[const_var]"[axiom_inst] assms by blast
859
860AOT_theorem "existential:2[lambda]":
861  assumes φ{ν1...νn ψ{ν1...νn}]} and INSTANCE_OF_CQT_2(ψ)
862  shows α φ{α}
863  using "existential:1" "cqt:2[lambda]"[axiom_inst] assms by blast
864lemmas "∃I" = "existential:1" "existential:2[const_var]"
865              "existential:2[lambda]" 
866
867AOT_theorem "instantiation":
868  assumes for arbitrary β: φ{β}  ψ and α φ{α}
869  shows ψ
870  by (metis (no_types, lifting) "≡dfE" GEN "raa-cor:3" "conventions:4" assms)
871lemmas "∃E" = "instantiation"
872
873AOT_theorem "cqt-further:1": α φ{α}  α φ{α}
874  using "∀E"(4) "∃I"(2) "→I" by metis
875
876AOT_theorem "cqt-further:2": ¬α φ{α}  α ¬φ{α}
877  using "∀I" "∃I"(2) "→I" RAA by metis
878
879AOT_theorem "cqt-further:3": α φ{α}  ¬α ¬φ{α}
880  using "∀E"(4) "∃E" "→I" RAA
881  by (metis "cqt-further:2" "≡I" "modus-tollens:1")
882
883AOT_theorem "cqt-further:4": ¬α φ{α}  α ¬φ{α}
884  using "∀I" "∃I"(2)"→I" RAA by metis
885
886AOT_theorem "cqt-further:5": α (φ{α} & ψ{α})  (α φ{α} & α ψ{α})
887  by (metis (no_types, lifting) "&E" "&I" "∃E" "∃I"(2) "→I")
888
889AOT_theorem "cqt-further:6": α (φ{α}  ψ{α})  (α φ{α}  α ψ{α})
890  by (metis (mono_tags, lifting) "∃E" "∃I"(2) "∨E"(3) "∨I"(1, 2) "→I" RAA(2))
891
892(* NOTE: vacuous in the embedding *)
893AOT_theorem "cqt-further:7": α φ{α}  β φ{β}
894  by (simp add: "oth-class-taut:3:a")
895
896AOT_theorem "cqt-further:8":
897  (α φ{α} & α ψ{α})  α (φ{α}  ψ{α})
898  by (metis (mono_tags, lifting) "&E" "≡I" "∀E"(2) "→I" GEN)
899
900AOT_theorem "cqt-further:9":
901  (¬α φ{α} & ¬α ψ{α})  α (φ{α}  ψ{α})
902  by (metis (mono_tags, lifting) "&E" "≡I" "∃I"(2) "→I" GEN "raa-cor:4")
903
904AOT_theorem "cqt-further:10":
905  (α φ{α} & ¬α ψ{α})  ¬α (φ{α}  ψ{α})
906proof(rule "→I"; rule "raa-cor:2")
907  AOT_assume 0: α φ{α} & ¬α ψ{α}
908  then AOT_obtain α where φ{α} using "∃E" "&E"(1) by metis
909  moreover AOT_assume α (φ{α}  ψ{α})
910  ultimately AOT_have ψ{α} using "∀E"(4) "≡E"(1) by blast
911  AOT_hence α ψ{α} using "∃I" by blast
912  AOT_thus α ψ{α} & ¬α ψ{α} using 0 "&E"(2) "&I" by blast
913qed
914
915AOT_theorem "cqt-further:11": αβ φ{α,β}  βα φ{α,β}
916  using "≡I" "→I" "∃I"(2) "∃E" by metis
917
918subsection‹Logical Existence, Identity, and Truth›
919text‹\label{PLM: 9.7}›
920
921AOT_theorem "log-prop-prop:1":  φ]
922  using "cqt:2[lambda0]"[axiom_inst] by auto
923
924AOT_theorem "log-prop-prop:2": φ
925  by (rule "≡dfI"[OF "existence:3"]) "cqt:2[lambda]"
926
927AOT_theorem "exist-nec": τ  τ
928proof -
929  AOT_have β β
930    by (simp add: GEN RN "cqt:2[const_var]"[axiom_inst])
931  AOT_thus τ  τ
932    using "cqt:1"[axiom_inst] "→E" by blast
933qed
934
935(* TODO: replace this mechanism by a "proof by types" command *)
936class AOT_Term_id = AOT_Term +
937  assumes "t=t-proper:1"[AOT]: [v  τ = τ'  τ]
938      and "t=t-proper:2"[AOT]: [v  τ = τ'  τ']
939
940instance κ :: AOT_Term_id
941proof
942  AOT_modally_strict {
943    AOT_show κ = κ'  κ for κ κ'
944    proof(rule "→I")
945      AOT_assume κ = κ'
946      AOT_hence O!κ  A!κ
947        by (rule "∨I"(3)[OF "≡dfE"[OF "identity:1"]])
948           (meson "→I" "∨I"(1) "&E"(1))+
949      AOT_thus κ
950        by (rule "∨E"(1))
951           (metis "cqt:5:a"[axiom_inst] "→I" "→E" "&E"(2))+
952    qed
953  }
954next
955  AOT_modally_strict {
956    AOT_show κ = κ'  κ' for κ κ'
957    proof(rule "→I")
958      AOT_assume κ = κ'
959      AOT_hence O!κ'  A!κ'
960        by (rule "∨I"(3)[OF "≡dfE"[OF "identity:1"]])
961           (meson "→I" "∨I" "&E")+
962      AOT_thus κ'
963        by (rule "∨E"(1))
964           (metis "cqt:5:a"[axiom_inst] "→I" "→E" "&E"(2))+
965    qed
966  }
967qed
968
969instance rel :: (AOT_κs) AOT_Term_id
970proof
971  AOT_modally_strict {
972    AOT_show Π = Π'  Π for Π Π' :: <'a>
973    proof(rule "→I")
974      AOT_assume Π = Π'
975      AOT_thus Π using "≡dfE"[OF "identity:3"[of Π Π']] "&E" by blast
976    qed
977  }
978next
979  AOT_modally_strict {
980    AOT_show Π = Π'  Π' for Π Π' :: <'a>
981    proof(rule "→I")
982      AOT_assume Π = Π'
983      AOT_thus Π' using "≡dfE"[OF "identity:3"[of Π Π']] "&E" by blast
984    qed
985  }
986qed
987
988instance 𝗈 :: AOT_Term_id
989proof
990  AOT_modally_strict {
991    fix φ ψ
992    AOT_show φ = ψ  φ
993    proof(rule "→I")
994      AOT_assume φ = ψ
995      AOT_thus φ using "≡dfE"[OF "identity:4"[of φ ψ]] "&E" by blast
996    qed
997  }
998next
999  AOT_modally_strict {
1000    fix φ ψ
1001    AOT_show φ = ψ  ψ
1002    proof(rule "→I")
1003      AOT_assume φ = ψ
1004      AOT_thus ψ using "≡dfE"[OF "identity:4"[of φ ψ]] "&E" by blast
1005    qed
1006  }
1007qed
1008
1009instance prod :: (AOT_Term_id, AOT_Term_id) AOT_Term_id
1010proof
1011  AOT_modally_strict {
1012    fix τ τ' :: 'a×'b
1013    AOT_show τ = τ'  τ
1014    proof (induct τ; induct τ'; rule "→I")
1015      fix τ1 τ1' :: 'a and τ2  τ2' :: 'b
1016      AOT_assume «(τ1, τ2)» = «(τ1', τ2')»
1017      AOT_hence (τ1 = τ1') & (τ2 = τ2') by (metis "≡dfE" tuple_identity_1)
1018      AOT_hence τ1 and τ2
1019        using "t=t-proper:1" "&E" "vdash-properties:10" by blast+
1020      AOT_thus «(τ1, τ2)» by (metis "≡dfI" "&I" tuple_denotes)
1021    qed
1022  }
1023next
1024  AOT_modally_strict {
1025    fix τ τ' :: 'a×'b
1026    AOT_show τ = τ'  τ'
1027    proof (induct τ; induct τ'; rule "→I")
1028      fix τ1 τ1' :: 'a and τ2  τ2' :: 'b
1029      AOT_assume «(τ1, τ2)» = «(τ1', τ2')»
1030      AOT_hence (τ1 = τ1') & (τ2 = τ2') by (metis "≡dfE" tuple_identity_1)
1031      AOT_hence τ1' and τ2'
1032        using "t=t-proper:2" "&E" "vdash-properties:10" by blast+
1033      AOT_thus «(τ1', τ2')» by (metis "≡dfI" "&I" tuple_denotes)
1034    qed
1035  }
1036qed
1037
1038(* This is the end of the "proof by types" and
1039   makes the results available on new theorems *)
1040AOT_register_type_constraints
1041  Term: _::AOT_Term_id› _::AOT_Term_id›
1042AOT_register_type_constraints
1043  Individual: ‹κ› _::{AOT_κs, AOT_Term_id}
1044AOT_register_type_constraints
1045  Relation: <_::{AOT_κs, AOT_Term_id}>
1046
1047AOT_theorem "id-rel-nec-equiv:1":
1048  Π = Π'  x1...∀xn ([Π]x1...xn  [Π']x1...xn)
1049proof(rule "→I")
1050  AOT_assume assumption: Π = Π'
1051  AOT_hence Π and Π'
1052    using "t=t-proper:1" "t=t-proper:2" MP by blast+
1053  moreover AOT_have FG (F = G  ((x1...∀xn ([F]x1...xn  [F]x1...xn)) 
1054                                     x1...∀xn ([F]x1...xn  [G]x1...xn)))
1055    apply (rule GEN)+ using "l-identity"[axiom_inst] by force
1056  ultimately AOT_have Π = Π'  ((x1...∀xn ([Π]x1...xn  [Π]x1...xn)) 
1057                                   x1...∀xn ([Π]x1...xn  [Π']x1...xn))
1058    using "∀E"(1) by blast
1059  AOT_hence (x1...∀xn ([Π]x1...xn  [Π]x1...xn)) 
1060             x1...∀xn ([Π]x1...xn  [Π']x1...xn)
1061    using assumption "→E" by blast
1062  moreover AOT_have x1...∀xn ([Π]x1...xn  [Π]x1...xn)
1063    by (simp add: RN "oth-class-taut:3:a" "universal-cor")
1064  ultimately AOT_show x1...∀xn ([Π]x1...xn  [Π']x1...xn)
1065    using "→E" by blast
1066qed
1067
1068AOT_theorem "id-rel-nec-equiv:2": φ = ψ  (φ  ψ)
1069proof(rule "→I")
1070  AOT_assume assumption: φ = ψ
1071  AOT_hence φ and ψ
1072    using "t=t-proper:1" "t=t-proper:2" MP by blast+
1073  moreover AOT_have pq (p = q  (((p  p)  (p  q))))
1074    apply (rule GEN)+ using "l-identity"[axiom_inst] by force
1075  ultimately AOT_have φ = ψ  ((φ  φ)  (φ  ψ))
1076    using "∀E"(1) by blast
1077  AOT_hence (φ  φ)  (φ  ψ)
1078    using assumption "→E" by blast
1079  moreover AOT_have (φ  φ)
1080    by (simp add: RN "oth-class-taut:3:a" "universal-cor")
1081  ultimately AOT_show (φ  ψ)
1082    using "→E" by blast
1083qed
1084
1085AOT_theorem "rule=E":
1086  assumes φ{τ} and τ = σ
1087  shows φ{σ}
1088proof -
1089  AOT_have τ and σ
1090    using assms(2) "t=t-proper:1" "t=t-proper:2" "→E" by blast+
1091  moreover AOT_have αβ(α = β  (φ{α}  φ{β}))
1092    apply (rule GEN)+ using "l-identity"[axiom_inst] by blast
1093  ultimately AOT_have τ = σ  (φ{τ}  φ{σ})
1094    using "∀E"(1) by blast
1095  AOT_thus φ{σ} using assms "→E" by blast
1096qed
1097
1098AOT_theorem "propositions-lemma:1":  φ] = φ
1099proof -
1100  AOT_have φ by (simp add: "log-prop-prop:2")
1101  moreover AOT_have p  p] = p
1102    using "lambda-predicates:3[zero]"[axiom_inst] "∀I" by fast
1103  ultimately AOT_show  φ] = φ
1104    using "∀E" by blast
1105qed
1106
1107AOT_theorem "propositions-lemma:2":  φ]  φ
1108proof -
1109  AOT_have  φ]   φ] by (simp add: "oth-class-taut:3:a")
1110  AOT_thus  φ]  φ using "propositions-lemma:1" "rule=E" by blast
1111qed
1112
1113(* propositions-lemma:3 through propositions-lemma:5 do not apply *)
1114
1115AOT_theorem "propositions-lemma:6": (φ  ψ)  ( φ]   ψ])
1116  by (metis "≡E"(1) "≡E"(5) "Associativity of ≡" "propositions-lemma:2")
1117
1118(* dr-alphabetic-rules does not apply *)
1119
1120AOT_theorem "oa-exist:1": O!
1121proof -
1122  AOT_have x [E!]x] by "cqt:2[lambda]"
1123  AOT_hence 1: O! = x [E!]x]
1124    using "df-rules-terms[4]"[OF "oa:1", THEN "&E"(1)] "→E" by blast
1125  AOT_show O! using "t=t-proper:1"[THEN "→E", OF 1] by simp
1126qed
1127
1128AOT_theorem "oa-exist:2": A!
1129proof -
1130  AOT_have x ¬[E!]x] by "cqt:2[lambda]"
1131  AOT_hence 1: A! = x ¬[E!]x]
1132    using "df-rules-terms[4]"[OF "oa:2", THEN "&E"(1)] "→E" by blast
1133  AOT_show A! using "t=t-proper:1"[THEN "→E", OF 1] by simp
1134qed
1135
1136AOT_theorem "oa-exist:3": O!x  A!x
1137proof(rule "raa-cor:1")
1138  AOT_assume ¬(O!x  A!x)
1139  AOT_hence A: ¬O!x and B: ¬A!x
1140    using "Disjunction Addition"(1) "modus-tollens:1"
1141          "∨I"(2) "raa-cor:5" by blast+
1142  AOT_have C: O! = x [E!]x]
1143    by (rule "df-rules-terms[4]"[OF "oa:1", THEN "&E"(1), THEN "→E"]) "cqt:2"
1144  AOT_have D: A! = x ¬[E!]x]
1145    by (rule "df-rules-terms[4]"[OF "oa:2", THEN "&E"(1), THEN "→E"]) "cqt:2"
1146  AOT_have E: ¬x [E!]x]x
1147    using A C "rule=E" by fast
1148  AOT_have F: ¬x ¬[E!]x]x
1149    using B D "rule=E" by fast
1150  AOT_have G: x [E!]x]x  [E!]x
1151    by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
1152  AOT_have H: x ¬[E!]x]x  ¬[E!]x
1153    by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
1154  AOT_show ¬[E!]x & ¬¬[E!]x using G E "≡E" H F "≡E" "&I" by metis
1155qed
1156
1157AOT_theorem "p-identity-thm2:1": F = G  x(x[F]  x[G])
1158proof -
1159  AOT_have F = G  F & G & x(x[F]  x[G])
1160    using "identity:2" "df-rules-formulas[3]" "df-rules-formulas[4]"
1161          "→E" "&E" "≡I" "→I" by blast
1162  moreover AOT_have F and G
1163    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1164  ultimately AOT_show F = G  x(x[F]  x[G])
1165    using "≡S"(1) "&I" by blast
1166qed
1167
1168AOT_theorem "p-identity-thm2:2[2]":
1169  F = G  y1(x [F]xy1] = x [G]xy1] & x [F]y1x] = x [G]y1x])
1170proof -
1171  AOT_have F = G  F & G &
1172              y1(x [F]xy1] = x [G]xy1] & x [F]y1x] = x [G]y1x])
1173    using "identity:3[2]" "df-rules-formulas[3]" "df-rules-formulas[4]"
1174          "→E" "&E" "≡I" "→I" by blast
1175  moreover AOT_have F and G
1176    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1177  ultimately show ?thesis
1178    using "≡S"(1) "&I" by blast
1179qed
1180    
1181AOT_theorem "p-identity-thm2:2[3]":
1182  F = G  y1y2(x [F]xy1y2] = x [G]xy1y2] &
1183                  x [F]y1xy2] = x [G]y1xy2] &
1184                  x [F]y1y2x] = x [G]y1y2x])
1185proof -
1186  AOT_have F = G  F & G & y1y2(x [F]xy1y2] = x [G]xy1y2] &
1187                                     x [F]y1xy2] = x [G]y1xy2] &
1188                                     x [F]y1y2x] = x [G]y1y2x])
1189    using "identity:3[3]" "df-rules-formulas[3]" "df-rules-formulas[4]"
1190          "→E" "&E" "≡I" "→I" by blast
1191  moreover AOT_have F and G
1192    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1193  ultimately show ?thesis
1194    using "≡S"(1) "&I" by blast
1195qed
1196
1197AOT_theorem "p-identity-thm2:2[4]":
1198  F = G  y1y2y3(x [F]xy1y2y3] = x [G]xy1y2y3] &
1199                     x [F]y1xy2y3] = x [G]y1xy2y3] &
1200                     x [F]y1y2xy3] = x [G]y1y2xy3] &
1201                     x [F]y1y2y3x] = x [G]y1y2y3x])
1202proof -
1203  AOT_have F = G  F & G & y1y2y3(x [F]xy1y2y3] = x [G]xy1y2y3] &
1204                                        x [F]y1xy2y3] = x [G]y1xy2y3] &
1205                                        x [F]y1y2xy3] = x [G]y1y2xy3] &
1206                                        x [F]y1y2y3x] = x [G]y1y2y3x])
1207    using "identity:3[4]" "df-rules-formulas[3]" "df-rules-formulas[4]"
1208          "→E" "&E" "≡I" "→I" by blast
1209  moreover AOT_have F and G
1210    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1211  ultimately show ?thesis
1212    using "≡S"(1) "&I" by blast
1213qed
1214
1215AOT_theorem "p-identity-thm2:2":
1216  F = G  x1...∀xn «AOT_sem_proj_id x1xn (λ τ . «[F]τ») (λ τ . «[G]τ»)»
1217proof -
1218  AOT_have F = G  F & G &
1219              x1...∀xn «AOT_sem_proj_id x1xn (λ τ . «[F]τ») (λ τ . «[G]τ»)»
1220    using "identity:3" "df-rules-formulas[3]" "df-rules-formulas[4]"
1221          "→E" "&E" "≡I" "→I" by blast
1222  moreover AOT_have F and G
1223    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1224  ultimately show ?thesis
1225    using "≡S"(1) "&I" by blast
1226qed
1227
1228AOT_theorem "p-identity-thm2:3":
1229  p = q  x p] = x q]
1230proof -
1231  AOT_have p = q  p & q & x p] = x q]
1232    using "identity:4" "df-rules-formulas[3]" "df-rules-formulas[4]"
1233          "→E" "&E" "≡I" "→I" by blast
1234  moreover AOT_have p and q
1235    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1236  ultimately show ?thesis
1237    using "≡S"(1) "&I" by blast
1238qed
1239
1240class AOT_Term_id_2 = AOT_Term_id + assumes "id-eq:1": [v  α = α]
1241
1242instance κ :: AOT_Term_id_2
1243proof
1244  AOT_modally_strict {
1245    fix x
1246    {
1247      AOT_assume O!x
1248      moreover AOT_have F([F]x  [F]x)
1249        using RN GEN "oth-class-taut:3:a" by fast
1250      ultimately AOT_have O!x & O!x & F([F]x  [F]x) using "&I" by simp
1251    }
1252    moreover {
1253      AOT_assume A!x
1254      moreover AOT_have F(x[F]  x[F])
1255        using RN GEN "oth-class-taut:3:a" by fast
1256      ultimately AOT_have A!x & A!x & F(x[F]  x[F]) using "&I" by simp
1257    }
1258    ultimately AOT_have (O!x & O!x & F([F]x  [F]x)) 
1259                         (A!x & A!x & F(x[F]  x[F]))
1260      using "oa-exist:3" "∨I"(1) "∨I"(2) "∨E"(3) "raa-cor:1" by blast
1261    AOT_thus x = x
1262      using "identity:1"[THEN "df-rules-formulas[4]"] "→E" by blast
1263  }
1264qed
1265
1266instance rel :: ("{AOT_κs,AOT_Term_id_2}") AOT_Term_id_2
1267proof
1268  AOT_modally_strict {
1269    fix F :: "<'a> AOT_var"
1270    AOT_have 0: x1...xn [F]x1...xn] = F
1271      by (simp add: "lambda-predicates:3"[axiom_inst])
1272    AOT_have x1...xn [F]x1...xn]
1273      by "cqt:2[lambda]"
1274    AOT_hence x1...xn [F]x1...xn] = x1...xn [F]x1...xn]
1275      using "lambda-predicates:1"[axiom_inst] "→E" by blast
1276    AOT_show F = F using "rule=E" 0 by force 
1277  }
1278qed
1279
1280instance 𝗈 :: AOT_Term_id_2
1281proof
1282  AOT_modally_strict {
1283    fix p
1284    AOT_have 0:  p] = p
1285      by (simp add: "lambda-predicates:3[zero]"[axiom_inst])
1286    AOT_have  p]
1287      by (rule "cqt:2[lambda0]"[axiom_inst])
1288    AOT_hence  p] =  p]
1289      using "lambda-predicates:1[zero]"[axiom_inst] "→E" by blast
1290    AOT_show p = p using "rule=E" 0 by force
1291  }
1292qed
1293
1294instance prod :: (AOT_Term_id_2, AOT_Term_id_2) AOT_Term_id_2
1295proof
1296  AOT_modally_strict {
1297    fix α :: ('a×'b) AOT_var›
1298    AOT_show α = α
1299    proof (induct)
1300      AOT_show τ = τ if τ for τ :: 'a×'b
1301        using that
1302      proof (induct τ)
1303        fix τ1 :: 'a and τ2 :: 'b
1304        AOT_assume «(τ1,τ2)»
1305        AOT_hence τ1 and τ2
1306          using "≡dfE" "&E" tuple_denotes by blast+
1307        AOT_hence τ1 = τ1 and τ2 = τ2
1308          using "id-eq:1"[unvarify α] by blast+
1309        AOT_thus «(τ1, τ2)» = «(τ1, τ2)»
1310          by (metis "≡dfI" "&I" tuple_identity_1)
1311      qed
1312    qed
1313  }
1314qed
1315
1316AOT_register_type_constraints
1317  Term: _::AOT_Term_id_2› _::AOT_Term_id_2›
1318AOT_register_type_constraints
1319  Individual: ‹κ› _::{AOT_κs, AOT_Term_id_2}
1320AOT_register_type_constraints
1321  Relation: <_::{AOT_κs, AOT_Term_id_2}>
1322
1323AOT_theorem "id-eq:2": α = β  β = α
1324  by (meson "rule=E" "deduction-theorem")
1325
1326AOT_theorem "id-eq:3": α = β & β = γ  α = γ
1327  using "rule=E" "→I" "&E" by blast
1328
1329AOT_theorem "id-eq:4": α = β  γ (α = γ  β = γ)
1330proof (rule "≡I"; rule "→I")
1331  AOT_assume 0: α = β
1332  AOT_hence 1: β = α using "id-eq:2" "→E" by blast
1333  AOT_show γ (α = γ  β = γ)
1334    by (rule GEN) (metis "≡I" "→I" 0 "1" "rule=E")
1335next
1336  AOT_assume γ (α = γ  β = γ)
1337  AOT_hence α = α  β = α using "∀E"(2) by blast
1338  AOT_hence α = α  β = α using "≡E"(1) "→I" by blast
1339  AOT_hence β = α using "id-eq:1" "→E" by blast
1340  AOT_thus α = β using "id-eq:2" "→E" by blast
1341qed
1342
1343AOT_theorem "rule=I:1":
1344  assumes τ
1345  shows τ = τ
1346proof -
1347  AOT_have α (α = α)
1348    by (rule GEN) (metis "id-eq:1")
1349  AOT_thus τ = τ using assms "∀E" by blast
1350qed
1351
1352AOT_theorem "rule=I:2[const_var]": "α = α"
1353  using "id-eq:1".
1354
1355AOT_theorem "rule=I:2[lambda]":
1356  assumes INSTANCE_OF_CQT_2(φ)
1357  shows "ν1...νn φ{ν1...νn}] = ν1...νn φ{ν1...νn}]"
1358proof -
1359  AOT_have α (α = α)
1360    by (rule GEN) (metis "id-eq:1")
1361  moreover AOT_have ν1...νn φ{ν1...νn}]
1362    using assms by (rule "cqt:2[lambda]"[axiom_inst])
1363  ultimately AOT_show ν1...νn φ{ν1...νn}] = ν1...νn φ{ν1...νn}]
1364    using assms "∀E" by blast
1365qed
1366
1367lemmas "=I" = "rule=I:1" "rule=I:2[const_var]" "rule=I:2[lambda]"
1368
1369AOT_theorem "rule-id-df:1":
1370  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn}
1371  shows τ{τ1...τn} = σ{τ1...τn}
1372proof -
1373  AOT_have σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}
1374    using "df-rules-terms[3]" assms(1) "&E" by blast
1375  AOT_thus τ{τ1...τn} = σ{τ1...τn}
1376    using assms(2) "→E" by blast
1377qed
1378
1379AOT_theorem "rule-id-df:1[zero]":
1380  assumes τ =df σ and σ
1381  shows τ = σ
1382proof -
1383  AOT_have σ  τ = σ
1384    using "df-rules-terms[4]" assms(1) "&E" by blast
1385  AOT_thus τ = σ
1386    using assms(2) "→E" by blast
1387qed
1388
1389AOT_theorem "rule-id-df:2:a":
1390  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn} and φ{τ{τ1...τn}}
1391  shows φ{σ{τ1...τn}}
1392proof -
1393  AOT_have τ{τ1...τn} = σ{τ1...τn} using "rule-id-df:1" assms(1,2) by blast
1394  AOT_thus φ{σ{τ1...τn}} using assms(3) "rule=E" by blast
1395qed
1396
1397AOT_theorem "rule-id-df:2:a[2]":
1398  assumes τ{«(α1,α2)»} =df σ{«(α1,α2)»}
1399    and σ{«(τ1,τ2)»}
1400      and φ{τ{«(τ1,τ2)»}}
1401  shows φ{σ{«(τ1::'a::AOT_Term_id_2,τ2::'b::AOT_Term_id_2)»}}
1402proof -
1403  AOT_have τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1404    using "rule-id-df:1" assms(1,2) by auto
1405  AOT_thus φ{σ{«(τ1,τ2)»}} using assms(3) "rule=E" by blast
1406qed
1407
1408AOT_theorem "rule-id-df:2:a[zero]":
1409  assumes τ =df σ and σ and φ{τ}
1410  shows φ{σ}
1411proof -
1412  AOT_have τ = σ using "rule-id-df:1[zero]" assms(1,2) by blast
1413  AOT_thus φ{σ} using assms(3) "rule=E" by blast
1414qed
1415
1416lemmas "=dfE" = "rule-id-df:2:a" "rule-id-df:2:a[zero]"
1417
1418AOT_theorem "rule-id-df:2:b":
1419  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn} and φ{σ{τ1...τn}}
1420  shows φ{τ{τ1...τn}}
1421proof -
1422  AOT_have τ{τ1...τn} = σ{τ1...τn}
1423    using "rule-id-df:1" assms(1,2) by blast
1424  AOT_hence σ{τ1...τn} = τ{τ1...τn}
1425    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1426  AOT_thus φ{τ{τ1...τn}} using assms(3) "rule=E" by blast
1427qed
1428
1429AOT_theorem "rule-id-df:2:b[2]":
1430  assumes τ{«(α1,α2)»} =df σ{«(α1,α2)»}
1431      and σ{«(τ1,τ2)»}
1432      and φ{σ{«(τ1,τ2)»}}
1433  shows φ{τ{«(τ1::'a::AOT_Term_id_2,τ2::'b::AOT_Term_id_2)»}}
1434proof -
1435  AOT_have τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1436    using "=I"(1) "rule-id-df:2:a[2]" RAA(1) assms(1,2) "→I" by metis
1437  AOT_hence σ{«(τ1,τ2)»} = τ{«(τ1,τ2)»}
1438    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1439  AOT_thus φ{τ{«(τ1,τ2)»}} using assms(3) "rule=E" by blast
1440qed
1441
1442AOT_theorem "rule-id-df:2:b[zero]":
1443  assumes τ =df σ and σ and φ{σ}
1444  shows φ{τ}
1445proof -
1446  AOT_have τ = σ using "rule-id-df:1[zero]" assms(1,2) by blast
1447  AOT_hence σ = τ
1448    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1449  AOT_thus φ{τ} using assms(3) "rule=E" by blast
1450qed
1451
1452lemmas "=dfI" = "rule-id-df:2:b" "rule-id-df:2:b[zero]"
1453
1454AOT_theorem "free-thms:1": τ  β (β = τ)
1455  by (metis "∃E" "rule=I:1" "t=t-proper:2" "→I" "∃I"(1) "≡I" "→E")
1456
1457AOT_theorem "free-thms:2": α φ{α}  (β (β = τ)  φ{τ})
1458  by (metis "∃E" "rule=E" "cqt:2[const_var]"[axiom_inst] "→I" "∀E"(1))
1459
1460AOT_theorem "free-thms:3[const_var]": β (β = α)
1461  by (meson "∃I"(2) "id-eq:1")
1462
1463AOT_theorem "free-thms:3[lambda]":
1464  assumes INSTANCE_OF_CQT_2(φ)
1465  shows β (β = ν1...νn φ{ν1...νn}])
1466  by (meson "=I"(3) assms "cqt:2[lambda]"[axiom_inst] "existential:1")
1467
1468AOT_theorem "free-thms:4[rel]":
1469  ([Π]κ1...κn  κ1...κn[Π])  β (β = Π)
1470  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a"[axiom_inst]
1471            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1472
1473AOT_theorem "free-thms:4[vars]":
1474  ([Π]κ1...κn  κ1...κn[Π])  β1...∃βn (β1...βn = κ1...κn)
1475  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a"[axiom_inst]
1476            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1477
1478AOT_theorem "free-thms:4[1,rel]":
1479  ([Π]κ  κ[Π])  β (β = Π)
1480  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a"[axiom_inst]
1481            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1482AOT_theorem "free-thms:4[1,1]":
1483  ([Π]κ  κ[Π])  β (β = κ)
1484  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a"[axiom_inst]
1485            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1486
1487AOT_theorem "free-thms:4[2,rel]":
1488  ([Π]κ1κ2  κ1κ2[Π])  β (β = Π)
1489  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[2]"[axiom_inst]
1490            "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1491AOT_theorem "free-thms:4[2,1]":
1492  ([Π]κ1κ2  κ1κ2[Π])  β (β = κ1)
1493  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[2]"[axiom_inst]
1494            "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1495AOT_theorem "free-thms:4[2,2]":
1496  ([Π]κ1κ2  κ1κ2[Π])  β (β = κ2)
1497  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[2]"[axiom_inst]
1498            "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1499AOT_theorem "free-thms:4[3,rel]":
1500  ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = Π)
1501  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1502            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1503AOT_theorem "free-thms:4[3,1]":
1504  ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ1)
1505  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1506            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1507AOT_theorem "free-thms:4[3,2]":
1508  ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ2)
1509  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1510            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1511AOT_theorem "free-thms:4[3,3]":
1512  ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ3)
1513  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1514            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1515AOT_theorem "free-thms:4[4,rel]":
1516  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = Π)
1517  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1518            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1519AOT_theorem "free-thms:4[4,1]":
1520  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ1)
1521  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1522            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1523AOT_theorem "free-thms:4[4,2]":
1524  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ2)
1525  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1526            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1527AOT_theorem "free-thms:4[4,3]":
1528  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ3)
1529  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1530            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1531AOT_theorem "free-thms:4[4,4]":
1532  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ4)
1533  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1534            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1535
1536AOT_theorem "ex:1:a": α α
1537  by (rule GEN) (fact "cqt:2[const_var]"[axiom_inst])
1538AOT_theorem "ex:1:b": αβ(β = α)
1539  by (rule GEN) (fact "free-thms:3[const_var]")
1540
1541AOT_theorem "ex:2:a": α
1542  by (rule RN) (fact "cqt:2[const_var]"[axiom_inst])
1543AOT_theorem "ex:2:b": β(β = α)
1544  by (rule RN) (fact "free-thms:3[const_var]")
1545
1546AOT_theorem "ex:3:a": α α
1547  by (rule RN) (fact "ex:1:a")
1548AOT_theorem "ex:3:b": αβ(β = α)
1549  by (rule RN) (fact "ex:1:b")
1550
1551AOT_theorem "ex:4:a": α α
1552  by (rule GEN; rule RN) (fact "cqt:2[const_var]"[axiom_inst])
1553AOT_theorem "ex:4:b": αβ(β = α)
1554  by (rule GEN; rule RN) (fact "free-thms:3[const_var]")
1555
1556AOT_theorem "ex:5:a": α α
1557  by (rule RN) (simp add: "ex:4:a")
1558AOT_theorem "ex:5:b": αβ(β = α)
1559  by (rule RN) (simp add: "ex:4:b")
1560
1561AOT_theorem "all-self=:1": α(α = α)
1562  by (rule RN; rule GEN) (fact "id-eq:1")
1563AOT_theorem "all-self=:2": α(α = α)
1564  by (rule GEN; rule RN) (fact "id-eq:1")
1565
1566AOT_theorem "id-nec:1": α = β  (α = β)
1567proof(rule "→I")
1568  AOT_assume α = β
1569  moreover AOT_have (α = α)
1570    by (rule RN) (fact "id-eq:1")
1571  ultimately AOT_show (α = β) using "rule=E" by fast
1572qed
1573
1574AOT_theorem "id-nec:2": τ = σ  (τ = σ)
1575proof(rule "→I")
1576  AOT_assume asm: τ = σ
1577  moreover AOT_have τ
1578    using calculation "t=t-proper:1" "→E" by blast
1579  moreover AOT_have (τ = τ)
1580    using calculation "all-self=:2" "∀E"(1) by blast
1581  ultimately AOT_show (τ = σ) using "rule=E" by fast
1582qed
1583
1584AOT_theorem "term-out:1": φ{α}  β (β = α & φ{β})
1585proof (rule "≡I"; rule "→I")
1586  AOT_assume asm: φ{α}
1587  AOT_show β (β = α & φ{β})
1588    by (rule "∃I"(2)[where β=α]; rule "&I")
1589       (auto simp: "id-eq:1" asm)
1590next
1591  AOT_assume 0: β (β = α & φ{β})
1592  AOT_obtain β where β = α & φ{β}
1593    using "∃E"[rotated, OF 0] by blast
1594  AOT_thus φ{α} using "&E" "rule=E" by blast
1595qed
1596
1597AOT_theorem "term-out:2": τ  (φ{τ}  α(α = τ & φ{α}))
1598proof(rule "→I")
1599  AOT_assume τ
1600  moreover AOT_have α (φ{α}  β (β = α & φ{β}))
1601    by (rule GEN) (fact "term-out:1")
1602  ultimately AOT_show φ{τ}  α(α = τ & φ{α})
1603    using "∀E" by blast
1604qed
1605
1606AOT_theorem "term-out:3":
1607  (φ{α} & β(φ{β}  β = α))  β(φ{β}  β = α)
1608  apply (rule "≡I"; rule "→I")
1609   apply (frule "&E"(1))
1610   apply (drule "&E"(2))
1611   apply (rule GEN; rule "≡I"; rule "→I")
1612  using "rule-ui:2[const_var]" "vdash-properties:5"
1613    apply blast
1614   apply (meson "rule=E" "id-eq:1")
1615  apply (rule "&I")
1616  using "id-eq:1" "≡E"(2) "rule-ui:3"
1617   apply blast
1618  apply (rule GEN; rule "→I")
1619  using "≡E"(1) "rule-ui:2[const_var]"
1620  by blast
1621
1622(* Note: generalized alphabetic variant of the last theorem. *)
1623AOT_theorem "term-out:4":
1624  (φ{β} & α(φ{α}  α = β))  α(φ{α}  α = β)
1625  using "term-out:3" .
1626
1627(* TODO: Provide a nicer mechanism for introducing custom binders. *)
1628AOT_define AOT_exists_unique :: ‹α  φ  φ› "uniqueness:1":
1629  «AOT_exists_unique φ» df α (φ{α} & β (φ{β}  β = α))
1630syntax (input) "_AOT_exists_unique" :: ‹α  φ  φ› ("∃!_ _" [1,40])
1631syntax (output) "_AOT_exists_unique" :: ‹α  φ  φ› ("∃!_'(_')" [1,40])
1632AOT_syntax_print_translations
1633  "_AOT_exists_unique τ φ" <= "CONST AOT_exists_unique (_abs τ φ)"
1634syntax
1635   "_AOT_exists_unique_ellipse" :: ‹id_position  id_position  φ  φ›
1636   (∃!_...∃!_ _› [1,40])
1637parse_ast_translation1638[(syntax_const‹_AOT_exists_unique_ellipse›,
1639  fn ctx => fn [a,b,c] => Ast.mk_appl (Ast.Constant "AOT_exists_unique")
1640  [parseEllipseList "_AOT_vars" ctx [a,b],c]),
1641 (syntax_const‹_AOT_exists_unique›,
1642  AOT_restricted_binder
1643    const_name‹AOT_exists_unique›
1644    const_syntax‹AOT_conj›)]
1645print_translationAOT_syntax_print_translations [
1646  AOT_preserve_binder_abs_tr'
1647    const_syntax‹AOT_exists_unique›
1648    syntax_const‹_AOT_exists_unique›
1649    (syntax_const‹_AOT_exists_unique_ellipse›, true)
1650    const_name‹AOT_conj›,
1651  AOT_binder_trans
1652    @{theory}
1653    @{binding "AOT_exists_unique_binder"}
1654    syntax_const‹_AOT_exists_unique›
1655]
1656
1657
1658context AOT_meta_syntax
1659begin
1660notation AOT_exists_unique (binder "!" 20)
1661end
1662context AOT_no_meta_syntax
1663begin
1664no_notation AOT_exists_unique (binder "!" 20)
1665end
1666
1667AOT_theorem "uniqueness:2": ∃!α φ{α}  αβ(φ{β}  β = α)
1668proof(rule "≡I"; rule "→I")
1669    AOT_assume ∃!α φ{α}
1670    AOT_hence α (φ{α} & β (φ{β}  β = α))
1671      using "uniqueness:1" "≡dfE" by blast
1672    then AOT_obtain α where φ{α} & β (φ{β}  β = α)
1673      using "instantiation"[rotated] by blast
1674    AOT_hence β(φ{β}  β = α)
1675      using "term-out:3" "≡E" by blast
1676    AOT_thus αβ(φ{β}  β = α)
1677      using "∃I" by fast
1678next
1679    AOT_assume αβ(φ{β}  β = α)
1680    then AOT_obtain α where β (φ{β}  β = α)
1681      using "instantiation"[rotated] by blast
1682    AOT_hence φ{α} & β (φ{β}  β = α)
1683      using "term-out:3" "≡E" by blast
1684    AOT_hence α (φ{α} & β (φ{β}  β = α))
1685      using "∃I" by fast
1686    AOT_thus ∃!α φ{α}
1687      using "uniqueness:1" "≡dfI" by blast
1688qed
1689
1690AOT_theorem "uni-most": ∃!α φ{α}  βγ((φ{β} & φ{γ})  β = γ)
1691proof(rule "→I"; rule GEN; rule GEN; rule "→I")
1692  fix β γ
1693  AOT_assume ∃!α φ{α}
1694  AOT_hence αβ(φ{β}  β = α)
1695    using "uniqueness:2" "≡E" by blast
1696  then AOT_obtain α where β(φ{β}  β = α)
1697    using "instantiation"[rotated] by blast
1698  moreover AOT_assume φ{β} & φ{γ}
1699  ultimately AOT_have β = α and γ = α
1700    using "∀E"(2) "&E" "≡E"(1,2) by blast+
1701  AOT_thus β = γ
1702    by (metis "rule=E" "id-eq:2" "→E")
1703qed
1704
1705AOT_theorem "nec-exist-!": α(φ{α}  φ{α})  (∃!α φ{α}  ∃!α φ{α})
1706proof (rule "→I"; rule "→I")
1707  AOT_assume a: α(φ{α}  φ{α})
1708  AOT_assume ∃!α φ{α}
1709  AOT_hence α (φ{α} & β (φ{β}  β = α))
1710    using "uniqueness:1" "≡dfE" by blast
1711  then AOT_obtain α where ξ: φ{α} & β (φ{β}  β = α)
1712    using "instantiation"[rotated] by blast
1713  AOT_have φ{α}
1714    using ξ a "&E" "∀E" "→E" by fast
1715  moreover AOT_have β (φ{β}  β = α)
1716    apply (rule GEN; rule "→I")
1717    using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "→E"]
1718          "qml:2"[axiom_inst, THEN "→E"] by blast
1719  ultimately AOT_have (φ{α} & β (φ{β}  β = α))
1720    using "&I" by blast
1721  AOT_thus ∃!α φ{α}
1722    using "uniqueness:1" "≡dfI" "∃I" by fast
1723qed
1724
1725subsection‹The Theory of Actuality and Descriptions›
1726text‹\label{PLM: 9.8}›
1727
1728AOT_theorem "act-cond": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1729  using "→I" "≡E"(1) "logic-actual-nec:2"[axiom_inst] by blast
1730
1731AOT_theorem "nec-imp-act": φ  𝒜φ
1732  by (metis "act-cond" "contraposition:1[2]" "≡E"(4)
1733            "qml:2"[THEN act_closure, axiom_inst]
1734            "qml-act:2"[axiom_inst] RAA(1) "→E" "→I")
1735
1736AOT_theorem "act-conj-act:1": 𝒜(𝒜φ  φ)
1737  using "→I" "≡E"(2) "logic-actual-nec:2"[axiom_inst]
1738        "logic-actual-nec:4"[axiom_inst] by blast
1739
1740AOT_theorem "act-conj-act:2": 𝒜(φ  𝒜φ)
1741  by (metis "→I" "≡E"(2, 4) "logic-actual-nec:2"[axiom_inst]
1742            "logic-actual-nec:4"[axiom_inst] RAA(1))
1743
1744AOT_theorem "act-conj-act:3": (𝒜φ & 𝒜ψ)  𝒜(φ & ψ)
1745proof -
1746  AOT_have (φ  (ψ  (φ & ψ)))
1747    by (rule RN) (fact Adjunction)
1748  AOT_hence 𝒜(φ  (ψ  (φ & ψ)))
1749    using "nec-imp-act" "→E" by blast
1750  AOT_hence 𝒜φ  𝒜(ψ  (φ & ψ))
1751    using "act-cond" "→E" by blast
1752  moreover AOT_have 𝒜(ψ  (φ & ψ))  (𝒜ψ  𝒜(φ & ψ))
1753    by (fact "act-cond")
1754  ultimately AOT_have 𝒜φ  (𝒜ψ  𝒜(φ & ψ))
1755    using "→I" "→E" by metis
1756  AOT_thus (𝒜φ & 𝒜ψ)  𝒜(φ & ψ)
1757    by (metis Importation "→E")
1758qed
1759
1760AOT_theorem "act-conj-act:4": 𝒜(𝒜φ  φ)
1761proof -
1762  AOT_have (𝒜(𝒜φ  φ) & 𝒜(φ  𝒜φ))  𝒜((𝒜φ  φ) & (φ  𝒜φ))
1763    by (fact "act-conj-act:3")
1764  moreover AOT_have 𝒜(𝒜φ  φ) & 𝒜(φ  𝒜φ)
1765    using "&I" "act-conj-act:1" "act-conj-act:2" by simp
1766  ultimately AOT_have ζ: 𝒜((𝒜φ  φ) & (φ  𝒜φ))
1767    using "→E" by blast
1768  AOT_have 𝒜(((𝒜φ  φ) & (φ  𝒜φ))  (𝒜φ  φ))
1769    using "conventions:3"[THEN "df-rules-formulas[2]",
1770                          THEN act_closure, axiom_inst] by blast
1771  AOT_hence 𝒜((𝒜φ  φ) & (φ  𝒜φ))  𝒜(𝒜φ  φ)
1772    using "act-cond" "→E" by blast
1773  AOT_thus 𝒜(𝒜φ  φ) using ζ "→E" by blast
1774qed
1775
1776(* TODO: Consider introducing AOT_inductive. *)
1777inductive arbitrary_actualization for φ where
1778  arbitrary_actualization φ «𝒜φ»
1779| arbitrary_actualization φ «𝒜ψ» if arbitrary_actualization φ ψ
1780declare arbitrary_actualization.cases[AOT]
1781        arbitrary_actualization.induct[AOT]
1782        arbitrary_actualization.simps[AOT]
1783        arbitrary_actualization.intros[AOT]
1784syntax arbitrary_actualization :: ‹φ'  φ'  AOT_prop›
1785  ("ARBITRARY'_ACTUALIZATION'(_,_')")
1786
1787notepad
1788begin
1789  AOT_modally_strict {
1790    fix φ
1791    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜(𝒜φ  φ))
1792      using AOT_PLM.arbitrary_actualization.intros by metis
1793    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜𝒜(𝒜φ  φ))
1794      using AOT_PLM.arbitrary_actualization.intros by metis
1795    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜𝒜𝒜(𝒜φ  φ))
1796      using AOT_PLM.arbitrary_actualization.intros by metis
1797  }
1798end
1799
1800
1801AOT_theorem "closure-act:1":
1802  assumes ARBITRARY_ACTUALIZATION(𝒜φ  φ, ψ)
1803  shows ψ
1804using assms proof(induct)
1805  case 1
1806  AOT_show 𝒜(𝒜φ  φ)
1807    by (simp add: "act-conj-act:4")
1808next
1809  case (2 ψ)
1810  AOT_thus 𝒜ψ
1811    by (metis arbitrary_actualization.simps "≡E"(1)
1812              "logic-actual-nec:4"[axiom_inst])
1813qed
1814
1815AOT_theorem "closure-act:2": α 𝒜(𝒜φ{α}  φ{α})
1816  by (simp add: "act-conj-act:4" "∀I")
1817
1818AOT_theorem "closure-act:3": 𝒜α 𝒜(𝒜φ{α}  φ{α})
1819  by (metis (no_types, lifting) "act-conj-act:4" "≡E"(1,2) "∀I"
1820            "logic-actual-nec:3"[axiom_inst]
1821            "logic-actual-nec:4"[axiom_inst])
1822
1823AOT_theorem "closure-act:4": 𝒜α1...∀αn 𝒜(𝒜φ{α1...αn}  φ{α1...αn})
1824  using "closure-act:3" .
1825
1826AOT_act_theorem "RA[1]":
1827  assumes  φ
1828  shows  𝒜φ
1829  ― ‹While this proof is rejected in PLM,
1830      we merely state it as modally-fragile rule,
1831      which addresses the concern in PLM.›
1832  using "¬¬E" assms "≡E"(3) "logic-actual"[act_axiom_inst]
1833        "logic-actual-nec:1"[axiom_inst] "modus-tollens:2" by blast
1834AOT_theorem "RA[2]":
1835  assumes  φ
1836  shows  𝒜φ
1837  ― ‹This rule is in fact a consequence of RN and
1838      does not require an appeal to the semantics itself.›
1839  using RN assms "nec-imp-act" "vdash-properties:5" by blast
1840AOT_theorem "RA[3]":
1841  assumes Γ  φ
1842  shows 𝒜Γ  𝒜φ
1843  text‹This appears to only be derivable from the semantics,
1844       but apparently no proof actually relies on it.
1845       If this turns out to be required, it is valid to derive it from the
1846       semantics just like RN, but we refrain from doing so, unless necessary.›
1847  (*  using assms by (meson AOT_sem_act imageI) *)
1848  oops
1849
1850AOT_act_theorem "ANeg:1": ¬𝒜φ  ¬φ
1851  by (simp add: "RA[1]" "contraposition:1[1]" "deduction-theorem"
1852                "≡I" "logic-actual"[act_axiom_inst])
1853
1854AOT_act_theorem "ANeg:2": ¬𝒜¬φ  φ
1855  using "ANeg:1" "≡I" "≡E"(5) "useful-tautologies:1"
1856        "useful-tautologies:2" by blast
1857
1858AOT_theorem "Act-Basic:1": 𝒜φ  𝒜¬φ
1859  by (meson "∨I"(1,2) "≡E"(2) "logic-actual-nec:1"[axiom_inst] "raa-cor:1")
1860
1861AOT_theorem "Act-Basic:2": 𝒜(φ & ψ)  (𝒜φ & 𝒜ψ)
1862proof (rule "≡I"; rule "→I")
1863  AOT_assume 𝒜(φ & ψ)
1864  moreover AOT_have 𝒜((φ & ψ)  φ)
1865    by (simp add: "RA[2]" "Conjunction Simplification"(1))
1866  moreover AOT_have 𝒜((φ & ψ)  ψ)
1867    by (simp add: "RA[2]" "Conjunction Simplification"(2))
1868  ultimately AOT_show 𝒜φ & 𝒜ψ
1869    using "act-cond"[THEN "→E", THEN "→E"] "&I" by metis
1870next
1871  AOT_assume 𝒜φ & 𝒜ψ
1872  AOT_thus 𝒜(φ & ψ)
1873    using "act-conj-act:3" "vdash-properties:6" by blast
1874qed
1875
1876AOT_theorem "Act-Basic:3": 𝒜(φ  ψ)  (𝒜(φ  ψ) & 𝒜(ψ  φ))
1877proof (rule "≡I"; rule "→I")
1878  AOT_assume 𝒜(φ  ψ)
1879  moreover AOT_have 𝒜((φ  ψ)  (φ  ψ))
1880    by (simp add: "RA[2]" "deduction-theorem" "≡E"(1))
1881  moreover AOT_have 𝒜((φ  ψ)  (ψ  φ))
1882    by (simp add: "RA[2]" "deduction-theorem" "≡E"(2))
1883  ultimately AOT_show 𝒜(φ  ψ) & 𝒜(ψ  φ)
1884    using "act-cond"[THEN "→E", THEN "→E"] "&I" by metis
1885next
1886  AOT_assume 𝒜(φ  ψ) & 𝒜(ψ  φ)
1887  AOT_hence 𝒜((φ  ψ) & (ψ  φ))
1888    by (metis "act-conj-act:3" "vdash-properties:10")
1889  moreover AOT_have 𝒜(((φ  ψ) & (ψ  φ))  (φ  ψ))
1890    by (simp add: "conventions:3" "RA[2]" "df-rules-formulas[2]"
1891                  "vdash-properties:1[2]")
1892  ultimately AOT_show 𝒜(φ  ψ)
1893    using "act-cond"[THEN "→E", THEN "→E"] by metis
1894qed
1895
1896AOT_theorem "Act-Basic:4": (𝒜(φ  ψ) & 𝒜(ψ  φ))  (𝒜φ  𝒜ψ)
1897proof (rule "≡I"; rule "→I")
1898  AOT_assume 0: 𝒜(φ  ψ) & 𝒜(ψ  φ)
1899  AOT_show 𝒜φ  𝒜ψ
1900    using 0 "&E" "act-cond"[THEN "→E", THEN "→E"] "≡I" "→I" by metis
1901next
1902  AOT_assume 𝒜φ  𝒜ψ
1903  AOT_thus 𝒜(φ  ψ) & 𝒜(ψ  φ)
1904    by (metis "→I" "logic-actual-nec:2"[axiom_inst] "≡E"(1,2) "&I")
1905qed
1906
1907AOT_theorem "Act-Basic:5": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1908  using "Act-Basic:3" "Act-Basic:4" "≡E"(5) by blast
1909
1910AOT_theorem "Act-Basic:6": 𝒜φ  𝒜φ
1911  by (simp add: "≡I" "qml:2"[axiom_inst] "qml-act:1"[axiom_inst])
1912
1913AOT_theorem "Act-Basic:7": 𝒜φ  𝒜φ
1914  by (metis "Act-Basic:6" "→I" "→E" "≡E"(1,2) "nec-imp-act"
1915            "qml-act:2"[axiom_inst])
1916
1917AOT_theorem "Act-Basic:8": φ  𝒜φ
1918  using "Hypothetical Syllogism" "nec-imp-act" "qml-act:1"[axiom_inst] by blast
1919
1920AOT_theorem "Act-Basic:9": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1921proof (rule "≡I"; rule "→I")
1922  AOT_assume 𝒜(φ  ψ)
1923  AOT_thus 𝒜φ  𝒜ψ
1924  proof (rule "raa-cor:3")
1925    AOT_assume ¬(𝒜φ  𝒜ψ)
1926    AOT_hence ¬𝒜φ & ¬𝒜ψ
1927      by (metis "≡E"(1) "oth-class-taut:5:d")
1928    AOT_hence 𝒜¬φ & 𝒜¬ψ
1929      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] "&E" "&I" by metis
1930    AOT_hence 𝒜(¬φ & ¬ψ)
1931      using "≡E" "Act-Basic:2" by metis
1932    moreover AOT_have 𝒜((¬φ & ¬ψ)  ¬(φ  ψ))
1933      using "RA[2]" "≡E"(6) "oth-class-taut:3:a" "oth-class-taut:5:d" by blast
1934    moreover AOT_have 𝒜(¬φ & ¬ψ)  𝒜(¬(φ  ψ))
1935      using calculation(2) by (metis "Act-Basic:5" "≡E"(1))
1936    ultimately AOT_have 𝒜(¬(φ  ψ)) using "≡E" by blast
1937    AOT_thus ¬𝒜(φ  ψ)
1938      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(1)] by auto
1939  qed
1940next
1941  AOT_assume 𝒜φ  𝒜ψ
1942  AOT_thus 𝒜(φ  ψ)
1943    by (meson "RA[2]" "act-cond" "∨I"(1) "∨E"(1) "Disjunction Addition"(1,2))
1944qed
1945
1946AOT_theorem "Act-Basic:10": 𝒜α φ{α}  α 𝒜φ{α}
1947proof -
1948  AOT_have θ: ¬𝒜α ¬φ{α}  ¬α 𝒜¬φ{α}
1949    by (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
1950       (metis "logic-actual-nec:3"[axiom_inst])
1951  AOT_have ξ: ¬α 𝒜¬φ{α}  ¬α ¬𝒜φ{α}
1952    by (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
1953       (rule "logic-actual-nec:1"[THEN universal_closure,
1954               axiom_inst, THEN "cqt-basic:3"[THEN "→E"]])
1955  AOT_have 𝒜(α φ{α})  𝒜(¬α ¬φ{α})
1956    using "conventions:4"[THEN "df-rules-formulas[1]",
1957                          THEN act_closure, axiom_inst]
1958          "conventions:4"[THEN "df-rules-formulas[2]",
1959                          THEN act_closure, axiom_inst]
1960    "Act-Basic:4"[THEN "≡E"(1)] "&I" "Act-Basic:5"[THEN "≡E"(2)] by metis
1961  also AOT_have   ¬𝒜α ¬φ{α}
1962    by (simp add: "logic-actual-nec:1" "vdash-properties:1[2]")
1963  also AOT_have   ¬α 𝒜 ¬φ{α} using θ by blast
1964  also AOT_have   ¬α ¬𝒜 φ{α} using ξ by blast
1965  also AOT_have   α 𝒜 φ{α}
1966    using "conventions:4"[THEN "≡Df"] by (metis "≡E"(6) "oth-class-taut:3:a")
1967  finally AOT_show 𝒜α φ{α}  α 𝒜φ{α} .
1968qed
1969
1970
1971AOT_theorem "Act-Basic:11":
1972  𝒜α(φ{α}  ψ{α})  α(𝒜φ{α}  𝒜ψ{α})
1973proof(rule "≡I"; rule "→I")
1974  AOT_assume 𝒜α(φ{α}  ψ{α})
1975  AOT_hence α𝒜(φ{α}  ψ{α})
1976    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(1)] by blast
1977  AOT_hence 𝒜(φ{α}  ψ{α}) for α using "∀E" by blast
1978  AOT_hence 𝒜φ{α}  𝒜ψ{α} for α by (metis "Act-Basic:5" "≡E"(1))
1979  AOT_thus α(𝒜φ{α}  𝒜ψ{α}) by (rule "∀I")
1980next
1981  AOT_assume α(𝒜φ{α}  𝒜ψ{α})
1982  AOT_hence 𝒜φ{α}  𝒜ψ{α} for α using "∀E" by blast
1983  AOT_hence 𝒜(φ{α}  ψ{α}) for α by (metis "Act-Basic:5" "≡E"(2))
1984  AOT_hence α 𝒜(φ{α}  ψ{α}) by (rule "∀I")
1985  AOT_thus 𝒜α(φ{α}  ψ{α})
1986    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)] by fast
1987qed
1988
1989AOT_act_theorem "act-quant-uniq":
1990  β(𝒜φ{β}  β = α)  β(φ{β}  β = α)
1991proof(rule "≡I"; rule "→I")
1992  AOT_assume β(𝒜φ{β}  β = α)
1993  AOT_hence 𝒜φ{β}  β = α for β using "∀E" by blast
1994  AOT_hence φ{β}  β = α for β
1995    using "≡I" "→I" "RA[1]" "≡E"(1,2) "logic-actual"[act_axiom_inst] "→E"
1996    by metis
1997  AOT_thus β(φ{β}  β = α) by (rule "∀I")
1998next
1999  AOT_assume β(φ{β}  β = α)
2000  AOT_hence φ{β}  β = α for β using "∀E" by blast
2001  AOT_hence 𝒜φ{β}  β = α for β
2002    using "≡I" "→I" "RA[1]" "≡E"(1,2) "logic-actual"[act_axiom_inst] "→E"
2003    by metis
2004  AOT_thus β(𝒜φ{β}  β = α) by (rule "∀I")
2005qed
2006
2007AOT_act_theorem "fund-cont-desc": x = ιx(φ{x})  z(φ{z}  z = x)
2008  using descriptions[axiom_inst] "act-quant-uniq" "≡E"(5) by fast
2009
2010AOT_act_theorem hintikka: x = ιx(φ{x})  (φ{x} & z (φ{z}  z = x))
2011  using "Commutativity of ≡"[THEN "≡E"(1)] "term-out:3"
2012        "fund-cont-desc" "≡E"(5) by blast
2013
2014
2015locale russell_axiom =
2016  fixes ψ
2017  assumes ψ_denotes_asm: "[v  ψ{κ}]  [v  κ]"
2018begin
2019AOT_act_theorem "russell-axiom":
2020  ψ{ιx φ{x}}  x(φ{x} & z(φ{z}  z = x) & ψ{x})
2021proof -
2022  AOT_have b: x (x = ιx φ{x}  (φ{x} & z(φ{z}  z = x)))
2023    using hintikka "∀I" by fast
2024  show ?thesis
2025  proof(rule "≡I"; rule "→I")
2026    AOT_assume c: ψ{ιx φ{x}}
2027    AOT_hence d: ιx φ{x}
2028      using ψ_denotes_asm by blast
2029    AOT_hence y (y = ιx φ{x})
2030      by (metis "rule=I:1" "existential:1")
2031    then AOT_obtain a where a_def: a = ιx φ{x}
2032      using "instantiation"[rotated] by blast
2033    moreover AOT_have a = ιx φ{x}  (φ{a} & z(φ{z}  z = a))
2034      using b "∀E" by blast
2035    ultimately AOT_have φ{a} & z(φ{z}  z = a)
2036      using "≡E" by blast
2037    moreover AOT_have ψ{a}
2038    proof - 
2039      AOT_have 1: xy(x = y  y = x)
2040        by (simp add: "id-eq:2" "universal-cor")
2041      AOT_have a = ιx φ{x}   ιx φ{x} = a
2042        by (rule "∀E"(1)[where τ="«ιx φ{x}»"]; rule "∀E"(2)[where β=a])
2043           (auto simp: 1 d "universal-cor")
2044      AOT_thus ψ{a}
2045        using a_def c "rule=E" "→E" by blast
2046    qed
2047    ultimately AOT_have φ{a} & z(φ{z}  z = a) & ψ{a} by (rule "&I")
2048    AOT_thus x(φ{x} & z(φ{z}  z = x) & ψ{x}) by (rule "∃I")
2049  next
2050    AOT_assume x(φ{x} & z(φ{z}  z = x) & ψ{x})
2051    then AOT_obtain b where g: φ{b} & z(φ{z}  z = b) & ψ{b}
2052      using "instantiation"[rotated] by blast
2053    AOT_hence h: b = ιx φ{x}  (φ{b} & z(φ{z}  z = b))
2054      using b "∀E" by blast
2055    AOT_have φ{b} & z(φ{z}  z = b) and j: ψ{b}
2056      using g "&E" by blast+
2057    AOT_hence b = ιx φ{x} using h "≡E" by blast
2058    AOT_thus ψ{ιx φ{x}} using j "rule=E" by blast
2059  qed
2060qed
2061end
2062
2063interpretation "russell-axiom[exe,1]": russell_axiom λ κ . «[Π]κ»
2064  by standard (metis "cqt:5:a[1]"[axiom_inst, THEN "→E"] "&E"(2))
2065interpretation "russell-axiom[exe,2,1,1]": russell_axiom λ κ . «[Π]κκ'»
2066  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E")
2067interpretation "russell-axiom[exe,2,1,2]": russell_axiom λ κ . «[Π]κ'κ»
2068  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E"(2))
2069interpretation "russell-axiom[exe,2,2]": russell_axiom λ κ . «[Π]κκ»
2070  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E"(2))
2071interpretation "russell-axiom[exe,3,1,1]": russell_axiom λ κ . «[Π]κκ'κ''»
2072  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
2073interpretation "russell-axiom[exe,3,1,2]": russell_axiom λ κ . «[Π]κ'κκ''»
2074  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
2075interpretation "russell-axiom[exe,3,1,3]": russell_axiom λ κ . «[Π]κ'κ''κ»
2076  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2077interpretation "russell-axiom[exe,3,2,1]": russell_axiom λ κ . «[Π]κκκ'»
2078  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
2079interpretation "russell-axiom[exe,3,2,2]": russell_axiom λ κ . «[Π]κκ'κ»
2080  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2081interpretation "russell-axiom[exe,3,2,3]": russell_axiom λ κ . «[Π]κ'κκ»
2082  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2083interpretation "russell-axiom[exe,3,3]": russell_axiom λ κ . «[Π]κκκ»
2084  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2085
2086interpretation "russell-axiom[enc,1]": russell_axiom λ κ . «κ[Π]»
2087  by standard (metis "cqt:5:b[1]"[axiom_inst, THEN "→E"] "&E"(2))
2088interpretation "russell-axiom[enc,2,1]": russell_axiom λ κ . «κκ'[Π]»
2089  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E")
2090interpretation "russell-axiom[enc,2,2]": russell_axiom λ κ . «κ'κ[Π]»
2091  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E"(2))
2092interpretation "russell-axiom[enc,2,3]": russell_axiom λ κ . «κκ[Π]»
2093  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E"(2))
2094interpretation "russell-axiom[enc,3,1,1]": russell_axiom λ κ . «κκ'κ''[Π]»
2095  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
2096interpretation "russell-axiom[enc,3,1,2]": russell_axiom λ κ . «κ'κκ''[Π]»
2097  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
2098interpretation "russell-axiom[enc,3,1,3]": russell_axiom λ κ . «κ'κ''κ[Π]»
2099  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2100interpretation "russell-axiom[enc,3,2,1]": russell_axiom λ κ . «κκκ'[Π]»
2101  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
2102interpretation "russell-axiom[enc,3,2,2]": russell_axiom λ κ . «κκ'κ[Π]»
2103  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2104interpretation "russell-axiom[enc,3,2,3]": russell_axiom λ κ . «κ'κκ[Π]»
2105  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2106interpretation "russell-axiom[enc,3,3]": russell_axiom λ κ . «κκκ[Π]»
2107  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2108
2109AOT_act_theorem "!-exists:1": ιx φ{x}  ∃!x φ{x}
2110proof(rule "≡I"; rule "→I")
2111  AOT_assume ιx φ{x}
2112  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
2113  then AOT_obtain a where a = ιx φ{x}
2114    using "instantiation"[rotated] by blast
2115  AOT_hence φ{a} & z (φ{z}  z = a)
2116    using hintikka "≡E" by blast
2117  AOT_hence x (φ{x} & z (φ{z}  z = x))
2118    by (rule "∃I")
2119  AOT_thus ∃!x φ{x}
2120    using "uniqueness:1"[THEN "≡dfI"] by blast
2121next
2122  AOT_assume ∃!x φ{x}
2123  AOT_hence x (φ{x} & z (φ{z}  z = x))
2124    using "uniqueness:1"[THEN "≡dfE"] by blast
2125  then AOT_obtain b where φ{b} & z (φ{z}  z = b)
2126    using "instantiation"[rotated] by blast
2127  AOT_hence b = ιx φ{x}
2128    using hintikka "≡E" by blast
2129  AOT_thus ιx φ{x}
2130    by (metis "t=t-proper:2" "vdash-properties:6")
2131qed
2132
2133AOT_act_theorem "!-exists:2": y(y=ιx φ{x})  ∃!x φ{x}
2134  using "!-exists:1" "free-thms:1" "≡E"(6) by blast
2135
2136AOT_act_theorem "y-in:1": x = ιx φ{x}  φ{x}
2137  using "&E"(1) "→I" hintikka "≡E"(1) by blast
2138
2139(* Note: generalized alphabetic variant of the last theorem *)
2140AOT_act_theorem "y-in:2": z = ιx φ{x}  φ{z} using "y-in:1".
2141
2142AOT_act_theorem "y-in:3": ιx φ{x}  φ{ιx φ{x}}
2143proof(rule "→I")
2144  AOT_assume ιx φ{x}
2145  AOT_hence y (y = ιx φ{x})
2146    by (metis "rule=I:1" "existential:1")
2147  then AOT_obtain a where a = ιx φ{x}
2148    using "instantiation"[rotated] by blast
2149  moreover AOT_have φ{a}
2150    using calculation hintikka "≡E"(1) "&E" by blast
2151  ultimately AOT_show φ{ιx φ{x}} using "rule=E" by blast
2152qed
2153
2154AOT_act_theorem "y-in:4": y (y = ιx φ{x})  φ{ιx φ{x}}
2155  using "y-in:3"[THEN "→E"] "free-thms:1"[THEN "≡E"(2)] "→I" by blast
2156
2157
2158AOT_theorem "act-quant-nec":
2159  β (𝒜φ{β}  β = α)  β(𝒜𝒜φ{β}  β = α)
2160proof(rule "≡I"; rule "→I")
2161  AOT_assume β (𝒜φ{β}  β = α)
2162  AOT_hence 𝒜φ{β}  β = α for β using "∀E" by blast
2163  AOT_hence 𝒜𝒜φ{β}  β = α for β 
2164    by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(5))
2165  AOT_thus β(𝒜𝒜φ{β}  β = α)
2166    by (rule "∀I")
2167next
2168  AOT_assume β(𝒜𝒜φ{β}  β = α)
2169  AOT_hence 𝒜𝒜φ{β}  β = α for β using "∀E" by blast
2170  AOT_hence 𝒜φ{β}  β = α for β
2171    by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(6))
2172  AOT_thus β (𝒜φ{β}  β = α)
2173    by (rule "∀I")
2174qed
2175
2176AOT_theorem "equi-desc-descA:1": x = ιx φ{x}  x = ιx(𝒜φ{x})
2177proof -
2178  AOT_have x = ιx φ{x}  z (𝒜φ{z}  z = x)
2179    using descriptions[axiom_inst] by blast
2180  also AOT_have ...  z (𝒜𝒜φ{z}  z = x)
2181  proof(rule "≡I"; rule "→I"; rule "∀I")
2182    AOT_assume z (𝒜φ{z}  z = x)
2183    AOT_hence 𝒜φ{a}  a = x for a
2184      using "∀E" by blast
2185    AOT_thus 𝒜𝒜φ{a}  a = x for a
2186      by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(5))
2187  next
2188    AOT_assume z (𝒜𝒜φ{z}  z = x)
2189    AOT_hence 𝒜𝒜φ{a}  a = x for a
2190      using "∀E" by blast
2191    AOT_thus 𝒜φ{a}  a = x for a
2192      by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(6))
2193  qed
2194  also AOT_have ...  x = ιx(𝒜φ{x})
2195    using "Commutativity of ≡"[THEN "≡E"(1)] descriptions[axiom_inst] by fast
2196  finally show ?thesis .
2197qed
2198
2199AOT_theorem "equi-desc-descA:2": ιx φ{x}  ιx φ{x} = ιx(𝒜φ{x})
2200proof(rule "→I")
2201  AOT_assume ιx φ{x}
2202  AOT_hence y (y = ιx φ{x})
2203    by (metis "rule=I:1" "existential:1")
2204  then AOT_obtain a where a = ιx φ{x}
2205    using "instantiation"[rotated] by blast
2206  moreover AOT_have a = ιx(𝒜φ{x})
2207    using calculation "equi-desc-descA:1"[THEN "≡E"(1)] by blast
2208  ultimately AOT_show ιx φ{x} = ιx(𝒜φ{x})
2209    using "rule=E" by fast
2210qed
2211
2212AOT_theorem "nec-hintikka-scheme":
2213  x = ιx φ{x}  𝒜φ{x} & z(𝒜φ{z}  z = x)
2214proof -
2215  AOT_have x = ιx φ{x}  z(𝒜φ{z}  z = x)
2216    using descriptions[axiom_inst] by blast
2217  also AOT_have   (𝒜φ{x} & z(𝒜φ{z}  z = x))
2218    using "Commutativity of ≡"[THEN "≡E"(1)] "term-out:3" by fast
2219  finally show ?thesis.
2220qed
2221
2222AOT_theorem "equiv-desc-eq:1":
2223  𝒜x(φ{x}  ψ{x})  x (x = ιx φ{x}  x = ιx ψ{x})
2224proof(rule "→I"; rule "∀I")
2225  fix β
2226  AOT_assume 𝒜x(φ{x}  ψ{x})
2227  AOT_hence 𝒜(φ{x}  ψ{x}) for x
2228    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(1)] "∀E"(2) by blast
2229  AOT_hence 0: 𝒜φ{x}  𝒜ψ{x} for x
2230    by (metis "Act-Basic:5" "≡E"(1))
2231  AOT_have β = ιx φ{x}  𝒜φ{β} & z(𝒜φ{z}  z = β)
2232    using "nec-hintikka-scheme" by blast
2233  also AOT_have ...  𝒜ψ{β} & z(𝒜ψ{z}  z = β)
2234  proof (rule "≡I"; rule "→I")
2235    AOT_assume 1: 𝒜φ{β} & z(𝒜φ{z}  z = β)
2236    AOT_hence 𝒜φ{z}  z = β for z
2237      using "&E" "∀E" by blast
2238    AOT_hence 𝒜ψ{z}  z = β for z
2239      using 0 "≡E" "→I" "→E" by metis
2240    AOT_hence z(𝒜ψ{z}  z = β)
2241      using "∀I" by fast
2242    moreover AOT_have 𝒜ψ{β}
2243      using "&E" 0[THEN "≡E"(1)] 1 by blast
2244    ultimately AOT_show 𝒜ψ{β} & z(𝒜ψ{z}  z = β)
2245      using "&I" by blast
2246  next
2247    AOT_assume 1: 𝒜ψ{β} & z(𝒜ψ{z}  z = β)
2248    AOT_hence 𝒜ψ{z}  z = β for z
2249      using "&E" "∀E" by blast
2250    AOT_hence 𝒜φ{z}  z = β for z
2251      using 0 "≡E" "→I" "→E" by metis
2252    AOT_hence z(𝒜φ{z}  z = β)
2253      using "∀I" by fast
2254    moreover AOT_have 𝒜φ{β}
2255      using "&E" 0[THEN "≡E"(2)] 1 by blast
2256    ultimately AOT_show 𝒜φ{β} & z(𝒜φ{z}  z = β)
2257      using "&I" by blast
2258  qed
2259  also AOT_have ...  β = ιx ψ{x}
2260    using "Commutativity of ≡"[THEN "≡E"(1)] "nec-hintikka-scheme" by blast
2261  finally AOT_show β = ιx φ{x}  β = ιx ψ{x} .
2262qed
2263
2264AOT_theorem "equiv-desc-eq:2":
2265  ιx φ{x} & 𝒜x(φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
2266proof(rule "→I")
2267  AOT_assume ιx φ{x} & 𝒜x(φ{x}  ψ{x})
2268  AOT_hence 0: y (y = ιx φ{x}) and
2269            1: x (x = ιx φ{x}  x = ιx ψ{x})
2270    using "&E" "free-thms:1"[THEN "≡E"(1)] "equiv-desc-eq:1" "→E" by blast+
2271  then AOT_obtain a where a = ιx φ{x}
2272    using "instantiation"[rotated] by blast
2273  moreover AOT_have a = ιx ψ{x}
2274    using calculation 1 "∀E" "≡E"(1) by fast
2275  ultimately AOT_show ιx φ{x} = ιx ψ{x}
2276    using "rule=E" by fast
2277qed
2278
2279AOT_theorem "equiv-desc-eq:3":
2280  ιx φ{x} & x(φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
2281  using "→I" "equiv-desc-eq:2"[THEN "→E", OF "&I"] "&E"
2282        "nec-imp-act"[THEN "→E"] by metis
2283
2284(* Note: this is a special case of "exist-nec" *)
2285AOT_theorem "equiv-desc-eq:4": ιx φ{x}  ιx φ{x}
2286proof(rule "→I")
2287  AOT_assume ιx φ{x}
2288  AOT_hence y (y = ιx φ{x})
2289    by (metis "rule=I:1" "existential:1")
2290  then AOT_obtain a where a = ιx φ{x}
2291    using "instantiation"[rotated] by blast
2292  AOT_thus ιx φ{x}
2293    using "ex:2:a" "rule=E" by fast
2294qed
2295
2296AOT_theorem "equiv-desc-eq:5": ιx φ{x}  y (y = ιx φ{x})
2297proof(rule "→I")
2298  AOT_assume ιx φ{x}
2299  AOT_hence y (y = ιx φ{x})
2300    by (metis "rule=I:1" "existential:1")
2301  then AOT_obtain a where a = ιx φ{x}
2302    using "instantiation"[rotated] by blast
2303  AOT_hence (a = ιx φ{x})
2304    by (metis "id-nec:2" "vdash-properties:10")
2305  AOT_thus y (y = ιx φ{x})
2306    by (rule "∃I")
2307qed
2308
2309AOT_act_theorem "equiv-desc-eq2:1":
2310  x (φ{x}  ψ{x})  x (x = ιx φ{x}  x = ιx ψ{x})
2311  using "→I" "logic-actual"[act_axiom_inst, THEN "→E"]
2312        "equiv-desc-eq:1"[THEN "→E"]
2313        "RA[1]" "deduction-theorem" by blast
2314
2315AOT_act_theorem "equiv-desc-eq2:2":
2316  ιx φ{x} & x (φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
2317  using "→I" "logic-actual"[act_axiom_inst, THEN "→E"]
2318        "equiv-desc-eq:2"[THEN "→E", OF "&I"]
2319        "RA[1]" "deduction-theorem" "&E" by metis
2320
2321context russell_axiom
2322begin
2323AOT_theorem "nec-russell-axiom":
2324  ψ{ιx φ{x}}  x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
2325proof -
2326  AOT_have b: x (x = ιx φ{x}  (𝒜φ{x} & z(𝒜φ{z}  z = x)))
2327    using "nec-hintikka-scheme" "∀I" by fast
2328  show ?thesis
2329  proof(rule "≡I"; rule "→I")
2330    AOT_assume c: ψ{ιx φ{x}}
2331    AOT_hence d: ιx φ{x}
2332      using ψ_denotes_asm by blast
2333    AOT_hence y (y = ιx φ{x})
2334      by (metis "rule=I:1" "existential:1")
2335    then AOT_obtain a where a_def: a = ιx φ{x}
2336      using "instantiation"[rotated] by blast
2337    moreover AOT_have a = ιx φ{x}  (𝒜φ{a} & z(𝒜φ{z}  z = a))
2338      using b "∀E" by blast
2339    ultimately AOT_have 𝒜φ{a} & z(𝒜φ{z}  z = a)
2340      using "≡E" by blast
2341    moreover AOT_have ψ{a}
2342    proof - 
2343      AOT_have 1: xy(x = y  y = x)
2344        by (simp add: "id-eq:2" "universal-cor")
2345      AOT_have a = ιx φ{x}   ιx φ{x} = a
2346        by (rule "∀E"(1)[where τ="«ιx φ{x}»"]; rule "∀E"(2)[where β=a])
2347           (auto simp: d "universal-cor" 1)
2348      AOT_thus ψ{a}
2349        using a_def c "rule=E" "→E" by metis
2350    qed
2351    ultimately AOT_have 𝒜φ{a} & z(𝒜φ{z}  z = a) & ψ{a}
2352      by (rule "&I")
2353    AOT_thus x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
2354      by (rule "∃I")
2355  next
2356    AOT_assume x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
2357    then AOT_obtain b where g: 𝒜φ{b} & z(𝒜φ{z}  z = b) & ψ{b}
2358      using "instantiation"[rotated] by blast
2359    AOT_hence h: b = ιx φ{x}  (𝒜φ{b} & z(𝒜φ{z}  z = b))
2360      using b "∀E" by blast
2361    AOT_have 𝒜φ{b} & z(𝒜φ{z}  z = b) and j: ψ{b}
2362      using g "&E" by blast+
2363    AOT_hence b = ιx φ{x}
2364      using h "≡E" by blast
2365    AOT_thus ψ{ιx φ{x}}
2366      using j "rule=E" by blast
2367  qed
2368qed
2369end
2370
2371AOT_theorem "actual-desc:1": ιx φ{x}  ∃!x 𝒜φ{x}
2372proof (rule "≡I"; rule "→I")
2373  AOT_assume ιx φ{x}
2374  AOT_hence y (y = ιx φ{x})
2375    by (metis "rule=I:1" "existential:1")
2376  then AOT_obtain a where a = ιx φ{x}
2377    using "instantiation"[rotated] by blast
2378  moreover AOT_have a = ιx φ{x}  z(𝒜φ{z}  z = a)
2379    using descriptions[axiom_inst] by blast
2380  ultimately AOT_have z(𝒜φ{z}  z = a)
2381    using "≡E" by blast
2382  AOT_hence xz(𝒜φ{z}  z = x) by (rule "∃I")
2383  AOT_thus ∃!x 𝒜φ{x}
2384    using "uniqueness:2"[THEN "≡E"(2)] by fast
2385next
2386  AOT_assume ∃!x 𝒜φ{x}
2387  AOT_hence xz(𝒜φ{z}  z = x)
2388    using "uniqueness:2"[THEN "≡E"(1)] by fast
2389  then AOT_obtain a where z(𝒜φ{z}  z = a)
2390    using "instantiation"[rotated] by blast
2391  moreover AOT_have a = ιx φ{x}  z(𝒜φ{z}  z = a)
2392    using descriptions[axiom_inst] by blast
2393  ultimately AOT_have a = ιx φ{x}
2394    using "≡E" by blast
2395  AOT_thus ιx φ{x}
2396    by (metis "t=t-proper:2" "vdash-properties:6")
2397qed
2398
2399AOT_theorem "actual-desc:2": x = ιx φ{x}  𝒜φ{x}
2400  using "&E"(1) "contraposition:1[2]" "≡E"(1) "nec-hintikka-scheme"
2401        "reductio-aa:2" "vdash-properties:9" by blast
2402
2403(* Note: generalized alphabetic variant of the last theorem *)
2404AOT_theorem "actual-desc:3": z = ιx φ{x}  𝒜φ{z}
2405  using "actual-desc:2".
2406
2407AOT_theorem "actual-desc:4": ιx φ{x}  𝒜φ{ιx φ{x}}
2408proof(rule "→I")
2409  AOT_assume ιx φ{x}
2410  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
2411  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
2412  AOT_thus 𝒜φ{ιx φ{x}}
2413    using "actual-desc:2" "rule=E" "→E" by fast
2414qed
2415
2416AOT_theorem "actual-desc:5": ιx φ{x} = ιx ψ{x}  𝒜x(φ{x}  ψ{x})
2417proof(rule "→I")
2418  AOT_assume 0: ιx φ{x} = ιx ψ{x}
2419  AOT_hence φ_down: ιx φ{x} and ψ_down: ιx ψ{x}
2420    using "t=t-proper:1" "t=t-proper:2" "vdash-properties:6" by blast+
2421  AOT_hence y (y = ιx φ{x}) and y (y = ιx ψ{x})
2422    by (metis "rule=I:1" "existential:1")+
2423  then AOT_obtain a and b where a_eq: a = ιx φ{x} and b_eq: b = ιx ψ{x}
2424    using "instantiation"[rotated] by metis
2425
2426  AOT_have αβ (α = β  β = α)
2427    by (rule "∀I"; rule "∀I"; rule "id-eq:2")
2428  AOT_hence β (ιx φ{x} = β  β = ιx φ{x})
2429    using "∀E" φ_down by blast
2430  AOT_hence ιx φ{x} = ιx ψ{x}  ιx ψ{x} = ιx φ{x}
2431    using "∀E" ψ_down by blast
2432  AOT_hence 1: ιx ψ{x} = ιx φ{x} using 0
2433    "→E" by blast
2434
2435  AOT_have 𝒜φ{x}  𝒜ψ{x} for x
2436  proof(rule "≡I"; rule "→I")
2437    AOT_assume 𝒜φ{x}
2438    moreover AOT_have 𝒜φ{x}  x = a for x
2439      using "nec-hintikka-scheme"[THEN "≡E"(1), OF a_eq, THEN "&E"(2)]
2440            "∀E" by blast
2441    ultimately AOT_have x = a
2442      using "→E" by blast
2443    AOT_hence x = ιx φ{x}
2444      using a_eq "rule=E" by blast
2445    AOT_hence x = ιx ψ{x}
2446      using 0 "rule=E" by blast
2447    AOT_thus 𝒜ψ{x}
2448      by (metis "actual-desc:3" "vdash-properties:6")
2449  next
2450    AOT_assume 𝒜ψ{x}
2451    moreover AOT_have 𝒜ψ{x}  x = b for x
2452      using "nec-hintikka-scheme"[THEN "≡E"(1), OF b_eq, THEN "&E"(2)]
2453            "∀E" by blast
2454    ultimately AOT_have x = b
2455      using "→E" by blast
2456    AOT_hence x = ιx ψ{x}
2457      using b_eq "rule=E" by blast
2458    AOT_hence x = ιx φ{x}
2459      using 1 "rule=E" by blast
2460    AOT_thus 𝒜φ{x}
2461      by (metis "actual-desc:3" "vdash-properties:6")
2462  qed
2463  AOT_hence 𝒜(φ{x}  ψ{x}) for x
2464    by (metis "Act-Basic:5" "≡E"(2))
2465  AOT_hence x 𝒜(φ{x}  ψ{x})
2466    by (rule "∀I")
2467  AOT_thus 𝒜x (φ{x}  ψ{x})
2468    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)] by fast
2469qed    
2470
2471AOT_theorem "!box-desc:1": ∃!x φ{x}  y (y = ιx φ{x}  φ{y})
2472proof(rule "→I")
2473  AOT_assume ∃!x φ{x}
2474  AOT_hence ζ: x (φ{x} & z (φ{z}  z = x))
2475    using "uniqueness:1"[THEN "≡dfE"] by blast
2476  then AOT_obtain b where θ: φ{b} & z (φ{z}  z = b)
2477    using "instantiation"[rotated] by blast
2478  AOT_show y (y = ιx φ{x}  φ{y})
2479  proof(rule GEN; rule "→I")
2480    fix y
2481    AOT_assume y = ιx φ{x}
2482    AOT_hence 𝒜φ{y} & z (𝒜φ{z}  z = y)
2483      using "nec-hintikka-scheme"[THEN "≡E"(1)] by blast
2484    AOT_hence 𝒜φ{b}  b = y
2485      using "&E" "∀E" by blast
2486    moreover AOT_have 𝒜φ{b}
2487      using θ[THEN "&E"(1)]  by (metis "nec-imp-act" "→E")
2488    ultimately AOT_have b = y
2489      using "→E" by blast
2490    moreover AOT_have φ{b}
2491      using θ[THEN "&E"(1)]  by (metis "qml:2"[axiom_inst] "→E") 
2492    ultimately AOT_show φ{y}
2493      using "rule=E" by blast
2494  qed
2495qed
2496
2497AOT_theorem "!box-desc:2":
2498  x (φ{x}  φ{x})  (∃!x φ{x}  y (y = ιx φ{x}  φ{y}))
2499proof(rule "→I"; rule "→I")
2500  AOT_assume x (φ{x}  φ{x})
2501  moreover AOT_assume ∃!x φ{x}
2502  ultimately AOT_have ∃!x φ{x}
2503    using "nec-exist-!"[THEN "→E", THEN "→E"] by blast
2504  AOT_thus y (y = ιx φ{x}  φ{y})
2505    using "!box-desc:1" "→E" by blast
2506qed
2507
2508(* Note: vacuous in the embedding. *)
2509AOT_theorem "dr-alphabetic-thm": ιν φ{ν}  ιν φ{ν} = ιμ φ{μ}
2510  by (simp add: "rule=I:1" "→I")
2511
2512subsection‹The Theory of Necessity›
2513text‹\label{PLM: 9.9}›
2514
2515AOT_theorem "RM:1[prem]":
2516  assumes Γ  φ  ψ
2517  shows Γ  φ  ψ
2518proof -
2519  AOT_have Γ  (φ  ψ)
2520    using "RN[prem]" assms by blast
2521  AOT_thus Γ  φ  ψ
2522    by (metis "qml:1"[axiom_inst] "→E")
2523qed
2524
2525AOT_theorem "RM:1":
2526  assumes  φ  ψ
2527  shows  φ  ψ
2528  using "RM:1[prem]" assms by blast
2529
2530lemmas RM = "RM:1"
2531
2532AOT_theorem "RM:2[prem]":
2533  assumes Γ  φ  ψ
2534  shows Γ  φ  ψ
2535proof -
2536  AOT_have Γ  ¬ψ  ¬φ
2537    using assms 
2538    by (simp add: "contraposition:1[1]")
2539  AOT_hence Γ  ¬ψ  ¬φ
2540    using "RM:1[prem]" by blast
2541  AOT_thus Γ  φ  ψ
2542    by (meson "≡dfE" "≡dfI" "conventions:5" "→I" "modus-tollens:1")
2543qed
2544
2545AOT_theorem "RM:2":
2546  assumes  φ  ψ
2547  shows  φ  ψ
2548  using "RM:2[prem]" assms by blast
2549
2550lemmas "RM◇" = "RM:2"
2551
2552AOT_theorem "RM:3[prem]":
2553  assumes Γ  φ  ψ
2554  shows Γ  φ  ψ
2555proof -
2556  AOT_have Γ  φ  ψ and Γ  ψ  φ
2557    using assms "≡E" "→I" by metis+
2558  AOT_hence Γ  φ  ψ and Γ  ψ  φ
2559    using "RM:1[prem]" by metis+
2560  AOT_thus Γ  φ  ψ
2561    by (simp add: "≡I")
2562qed
2563
2564AOT_theorem "RM:3":
2565  assumes  φ  ψ
2566  shows  φ  ψ
2567  using "RM:3[prem]" assms by blast
2568
2569lemmas RE = "RM:3"
2570
2571AOT_theorem "RM:4[prem]":
2572  assumes Γ  φ  ψ
2573  shows Γ  φ  ψ
2574proof -
2575  AOT_have Γ  φ  ψ and Γ  ψ  φ
2576    using assms "≡E" "→I" by metis+
2577  AOT_hence Γ  φ  ψ and Γ  ψ  φ
2578    using "RM:2[prem]" by metis+
2579  AOT_thus Γ  φ  ψ
2580    by (simp add: "≡I")
2581qed
2582
2583AOT_theorem "RM:4":
2584  assumes  φ  ψ
2585  shows  φ  ψ
2586  using "RM:4[prem]" assms by blast
2587
2588lemmas "RE◇" = "RM:4"
2589
2590AOT_theorem "KBasic:1": φ  (ψ  φ)
2591  by (simp add: RM "pl:1"[axiom_inst])
2592
2593AOT_theorem "KBasic:2": ¬φ  (φ  ψ)
2594  by (simp add: RM "useful-tautologies:3")
2595
2596AOT_theorem "KBasic:3": (φ & ψ)  (φ & ψ)
2597proof (rule "≡I"; rule "→I")
2598  AOT_assume (φ & ψ)
2599  AOT_thus φ & ψ
2600    by (meson RM "&I" "Conjunction Simplification"(1, 2) "→E")
2601next
2602  AOT_have φ  (ψ  (φ & ψ))
2603    by (simp add: "RM:1" Adjunction)
2604  AOT_hence φ  (ψ  (φ & ψ))
2605    by (metis "Hypothetical Syllogism" "qml:1"[axiom_inst])
2606  moreover AOT_assume φ & ψ
2607  ultimately AOT_show (φ & ψ)
2608    using "→E" "&E" by blast
2609qed
2610
2611AOT_theorem "KBasic:4": (φ  ψ)  ((φ  ψ) & (ψ  φ))
2612proof -
2613  AOT_have θ: ((φ  ψ) & (ψ  φ))  ((φ  ψ) & (ψ  φ))
2614    by (fact "KBasic:3")
2615  AOT_modally_strict {
2616    AOT_have (φ  ψ)  ((φ  ψ) & (ψ  φ))
2617      by (fact "conventions:3"[THEN "≡Df"])
2618  }
2619  AOT_hence ξ: (φ  ψ)  ((φ  ψ) & (ψ  φ))
2620    by (rule RE)
2621  with ξ and θ AOT_show (φ  ψ)  ((φ  ψ) & (ψ  φ))
2622    using "≡E"(5) by blast
2623qed
2624
2625AOT_theorem "KBasic:5": ((φ  ψ) & (ψ  φ))  (φ  ψ)
2626proof -
2627  AOT_have (φ  ψ)  (φ  ψ)
2628    by (fact "qml:1"[axiom_inst])
2629  moreover AOT_have (ψ  φ)  (ψ  φ)
2630    by (fact "qml:1"[axiom_inst])
2631  ultimately AOT_have ((φ  ψ) & (ψ  φ))  ((φ  ψ) & (ψ  φ))
2632    by (metis "&I" MP "Double Composition")
2633  moreover AOT_have ((φ  ψ) & (ψ  φ))  (φ  ψ)
2634    using "conventions:3"[THEN "≡dfI"] "→I" by blast
2635  ultimately AOT_show ((φ  ψ) & (ψ  φ))  (φ  ψ)
2636    by (metis "Hypothetical Syllogism")
2637qed
2638
2639AOT_theorem "KBasic:6": (φ  ψ)  (φ  ψ)
2640  using "KBasic:4" "KBasic:5" "deduction-theorem" "≡E"(1) "→E" by blast
2641AOT_theorem "KBasic:7": ((φ & ψ)  (¬φ & ¬ψ))  (φ  ψ)
2642proof (rule "→I"; drule "∨E"(1); (rule "→I")?)
2643  AOT_assume φ & ψ
2644  AOT_hence φ and ψ using "&E" by blast+
2645  AOT_hence (φ  ψ) and (ψ  φ) using "KBasic:1" "→E" by blast+
2646  AOT_hence (φ  ψ) & (ψ  φ) using "&I" by blast
2647  AOT_thus (φ  ψ)  by (metis "KBasic:4" "≡E"(2))
2648next
2649  AOT_assume ¬φ & ¬ψ
2650  AOT_hence 0: (¬φ & ¬ψ) using "KBasic:3"[THEN "≡E"(2)] by blast
2651  AOT_modally_strict {
2652    AOT_have (¬φ & ¬ψ)  (φ  ψ)
2653      by (metis "&E"(1) "&E"(2) "deduction-theorem" "≡I" "reductio-aa:1")
2654  }
2655  AOT_hence (¬φ & ¬ψ)  (φ  ψ)
2656    by (rule RM)
2657  AOT_thus (φ  ψ) using 0 "→E" by blast
2658qed(auto)
2659
2660AOT_theorem "KBasic:8": (φ & ψ)  (φ  ψ)
2661  by (meson "RM:1" "&E"(1) "&E"(2) "deduction-theorem" "≡I")
2662AOT_theorem "KBasic:9": (¬φ & ¬ψ)  (φ  ψ)
2663  by (metis "RM:1" "&E"(1) "&E"(2) "deduction-theorem" "≡I" "raa-cor:4")
2664AOT_theorem "KBasic:10": φ  ¬¬φ
2665  by (simp add: "RM:3" "oth-class-taut:3:b")
2666AOT_theorem "KBasic:11": ¬φ  ¬φ
2667proof (rule "≡I"; rule "→I")
2668  AOT_show ¬φ if ¬φ
2669    using that "≡dfI" "conventions:5" "KBasic:10" "≡E"(3) by blast
2670next
2671  AOT_show ¬φ if ¬φ
2672    using "≡dfE" "conventions:5" "KBasic:10" "≡E"(4) that by blast
2673qed
2674AOT_theorem "KBasic:12": φ  ¬¬φ
2675proof (rule "≡I"; rule "→I")
2676  AOT_show ¬¬φ if φ
2677    using "¬¬I" "KBasic:11" "≡E"(3) that by blast
2678next
2679  AOT_show φ if ¬¬φ
2680  using "KBasic:11" "≡E"(1) "reductio-aa:1" that by blast
2681qed
2682AOT_theorem "KBasic:13": (φ  ψ)  (φ  ψ)
2683proof -
2684  AOT_have φ  ψ  φ  ψ by blast
2685  AOT_hence (φ  ψ)  φ  ψ
2686    using "RM:2[prem]" by blast
2687  AOT_thus (φ  ψ)  (φ  ψ) using "→I" by blast
2688qed
2689lemmas "K◇" = "KBasic:13"
2690AOT_theorem "KBasic:14": φ  ¬¬φ
2691  by (meson "RE◇" "KBasic:11" "KBasic:12" "≡E"(6) "oth-class-taut:3:a")
2692AOT_theorem "KBasic:15": (φ  ψ)  (φ  ψ)
2693proof -
2694  AOT_modally_strict {
2695    AOT_have φ  (φ  ψ) and ψ  (φ  ψ)
2696      by (auto simp: "Disjunction Addition"(1) "Disjunction Addition"(2))
2697  }
2698  AOT_hence φ  (φ  ψ) and ψ  (φ  ψ)
2699    using RM by blast+
2700  AOT_thus (φ  ψ)  (φ  ψ)
2701    by (metis "∨E"(1) "deduction-theorem")
2702qed
2703
2704AOT_theorem "KBasic:16": (φ & ψ)  (φ & ψ)
2705  by (meson "KBasic:13" "RM:1" Adjunction "Hypothetical Syllogism"
2706            Importation "→E")
2707
2708AOT_theorem "rule-sub-lem:1:a":
2709  assumes  (ψ  χ)
2710  shows  ¬ψ  ¬χ
2711  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2712        "≡E"(1) "oth-class-taut:4:b" by blast
2713
2714AOT_theorem "rule-sub-lem:1:b":
2715  assumes  (ψ  χ)
2716  shows  (ψ  Θ)  (χ  Θ)
2717  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2718  using "oth-class-taut:4:c" "vdash-properties:6" by blast
2719
2720AOT_theorem "rule-sub-lem:1:c":
2721  assumes  (ψ  χ)
2722  shows  (Θ  ψ)  (Θ  χ)
2723  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2724  using "oth-class-taut:4:d" "vdash-properties:6" by blast
2725
2726AOT_theorem "rule-sub-lem:1:d":
2727  assumes for arbitrary α:  (ψ{α}  χ{α})
2728  shows  α ψ{α}  α χ{α}
2729proof -
2730  AOT_modally_strict {
2731    AOT_have α (ψ{α}  χ{α})
2732      using "qml:2"[axiom_inst, THEN "→E", OF assms] "∀I" by fast
2733    AOT_hence 0: ψ{α}  χ{α} for α using "∀E" by blast
2734    AOT_show α ψ{α}  α χ{α}
2735    proof (rule "≡I"; rule "→I")
2736      AOT_assume α ψ{α}
2737      AOT_hence ψ{α} for α using "∀E" by blast
2738      AOT_hence χ{α} for α using 0 "≡E" by blast
2739      AOT_thus α χ{α} by (rule "∀I")
2740    next
2741      AOT_assume α χ{α}
2742      AOT_hence χ{α} for α using "∀E" by blast
2743      AOT_hence ψ{α} for α using 0 "≡E" by blast
2744      AOT_thus α ψ{α} by (rule "∀I")
2745    qed
2746  }
2747qed
2748
2749AOT_theorem "rule-sub-lem:1:e":
2750  assumes  (ψ  χ)
2751  shows   ψ]   χ]
2752  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2753  using "≡E"(1) "propositions-lemma:6" by blast
2754
2755AOT_theorem "rule-sub-lem:1:f":
2756  assumes  (ψ  χ)
2757  shows  𝒜ψ  𝒜χ
2758  using "qml:2"[axiom_inst, THEN "→E", OF assms, THEN "RA[2]"]
2759  by (metis "Act-Basic:5" "≡E"(1))
2760
2761AOT_theorem "rule-sub-lem:1:g":
2762  assumes  (ψ  χ)
2763  shows  ψ  χ
2764  using "KBasic:6" assms "vdash-properties:6" by blast
2765
2766text‹Note that instead of deriving @{text "rule-sub-lem:2"},
2767     @{text "rule-sub-lem:3"}, @{text "rule-sub-lem:4"},
2768     and @{text "rule-sub-nec"}, we construct substitution methods instead.›
2769
2770class AOT_subst =
2771  fixes AOT_subst :: "('a  𝗈)  bool"
2772    and AOT_subst_cond :: "'a  'a  bool"
2773  assumes AOT_subst:
2774    "AOT_subst φ  AOT_subst_cond ψ χ  [v  «φ ψ»  «φ χ»]"
2775
2776named_theorems AOT_substI
2777
2778instantiation 𝗈 :: AOT_subst
2779begin
2780
2781inductive AOT_subst_𝗈 where
2782  AOT_subst_𝗈_id[AOT_substI]:
2783    AOT_subst_𝗈 (λφ. φ)
2784  | AOT_subst_𝗈_const[AOT_substI]:
2785    AOT_subst_𝗈 (λφ. ψ)
2786  | AOT_subst_𝗈_not[AOT_substI]:
2787    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «¬Θ{φ}»)
2788  | AOT_subst_𝗈_imp[AOT_substI]:
2789    AOT_subst_𝗈 Θ  AOT_subst_𝗈 Ξ  AOT_subst_𝗈 (λ φ. «Θ{φ}  Ξ{φ}»)
2790  | AOT_subst_𝗈_lambda0[AOT_substI]:
2791    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. (AOT_lambda0 (Θ φ)))
2792  | AOT_subst_𝗈_act[AOT_substI]:
2793    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «𝒜Θ{φ}»)
2794  | AOT_subst_𝗈_box[AOT_substI]:
2795    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «Θ{φ}»)
2796  | AOT_subst_𝗈_by_def[AOT_substI]:
2797    ( ψ . AOT_model_equiv_def (Θ ψ) (Ξ ψ)) 
2798      AOT_subst_𝗈 Ξ  AOT_subst_𝗈 Θ
2799
2800
2801definition AOT_subst_cond_𝗈 where
2802  AOT_subst_cond_𝗈  λ ψ χ .  v . [v  ψ  χ]
2803
2804instance
2805proof
2806  fix ψ χ :: 𝗈 and φ :: ‹𝗈  𝗈›
2807  assume cond: ‹AOT_subst_cond ψ χ
2808  assume ‹AOT_subst φ
2809  moreover AOT_have  ψ  χ
2810    using cond unfolding AOT_subst_cond_𝗈_def by blast
2811  ultimately AOT_show  φ{ψ}  φ{χ}
2812  proof (induct arbitrary: ψ χ)
2813    case AOT_subst_𝗈_id
2814    thus ?case
2815      using "≡E"(2) "oth-class-taut:4:b" "rule-sub-lem:1:a" by blast
2816  next
2817    case (AOT_subst_𝗈_const ψ)
2818    thus ?case
2819      by (simp add: "oth-class-taut:3:a")
2820  next
2821    case (AOT_subst_𝗈_not Θ)
2822    thus ?case
2823      by (simp add: RN "rule-sub-lem:1:a")
2824  next
2825    case (AOT_subst_𝗈_imp Θ Ξ)
2826    thus ?case
2827      by (meson RN "≡E"(5) "rule-sub-lem:1:b" "rule-sub-lem:1:c")
2828  next
2829    case (AOT_subst_𝗈_lambda0 Θ)
2830    thus ?case
2831      by (simp add: RN "rule-sub-lem:1:e")
2832  next
2833    case (AOT_subst_𝗈_act Θ)
2834    thus ?case
2835      by (simp add: RN "rule-sub-lem:1:f")
2836  next
2837    case (AOT_subst_𝗈_box Θ)
2838    thus ?case
2839      by (simp add: RN "rule-sub-lem:1:g")
2840  next
2841    case (AOT_subst_𝗈_by_def Θ Ξ)
2842    AOT_modally_strict {
2843      AOT_have Ξ{ψ}  Ξ{χ}
2844        using AOT_subst_𝗈_by_def by simp
2845      AOT_thus Θ{ψ}  Θ{χ}
2846        using "≡Df"[OF AOT_subst_𝗈_by_def(1), of _ ψ]
2847              "≡Df"[OF AOT_subst_𝗈_by_def(1), of _ χ]
2848        by (metis "≡E"(6) "oth-class-taut:3:a")
2849    }
2850  qed
2851qed
2852end
2853
2854instantiation "fun" :: (AOT_Term_id_2, AOT_subst) AOT_subst
2855begin
2856
2857definition AOT_subst_cond_fun :: ('a  'b)  ('a  'b)  bool› where
2858  AOT_subst_cond_fun  λ φ ψ .  α . AOT_subst_cond (φ (AOT_term_of_var α))
2859                                                      (ψ (AOT_term_of_var α))
2860
2861inductive AOT_subst_fun :: (('a  'b)  𝗈)  bool› where
2862  AOT_subst_fun_const[AOT_substI]:
2863    AOT_subst_fun (λφ. ψ)
2864  | AOT_subst_fun_id[AOT_substI]:
2865    ‹AOT_subst Ψ  AOT_subst_fun (λφ. Ψ (φ (AOT_term_of_var α)))
2866  | AOT_subst_fun_all[AOT_substI]:
2867    ‹AOT_subst Ψ  ( α . AOT_subst_fun (Θ (AOT_term_of_var α))) 
2868     AOT_subst_fun (λφ :: 'a  'b. Ψ «α «Θ (α::'a) φ»»)
2869  | AOT_subst_fun_not[AOT_substI]:
2870    ‹AOT_subst Ψ  AOT_subst_fun (λφ. «¬«Ψ φ»»)
2871  | AOT_subst_fun_imp[AOT_substI]:
2872    ‹AOT_subst Ψ  AOT_subst Θ  AOT_subst_fun (λφ. ««Ψ φ»  «Θ φ»»)
2873  | AOT_subst_fun_lambda0[AOT_substI]:
2874    ‹AOT_subst Θ  AOT_subst_fun (λ φ. (AOT_lambda0 (Θ φ)))
2875  | AOT_subst_fun_act[AOT_substI]:
2876    ‹AOT_subst Θ  AOT_subst_fun (λ φ. «𝒜«Θ φ»»)
2877  | AOT_subst_fun_box[AOT_substI]:
2878    ‹AOT_subst Θ  AOT_subst_fun (λ φ. ««Θ φ»»)
2879  | AOT_subst_fun_def[AOT_substI]:
2880    ( φ . AOT_model_equiv_def (Θ φ) (Ψ φ)) 
2881     AOT_subst_fun Ψ  AOT_subst_fun Θ
2882
2883instance proof
2884  fix ψ χ :: 'a  'b and φ :: ('a  'b)  𝗈›
2885  assume ‹AOT_subst φ
2886  moreover assume cond: ‹AOT_subst_cond ψ χ
2887  ultimately AOT_show  «φ ψ»  «φ χ»
2888  proof(induct)
2889    case (AOT_subst_fun_const ψ)
2890    then show ?case by (simp add: "oth-class-taut:3:a")
2891  next
2892  case (AOT_subst_fun_id Ψ x)
2893  then show ?case by (simp add: AOT_subst AOT_subst_cond_fun_def) 
2894  next
2895  next
2896  case (AOT_subst_fun_all Ψ Θ)
2897  AOT_have  (Θ{α, «ψ»}  Θ{α, «χ»}) for α
2898    using AOT_subst_fun_all.hyps(3) AOT_subst_fun_all.prems RN by presburger
2899  thus ?case using AOT_subst[OF AOT_subst_fun_all(1)]
2900    by (simp add: RN "rule-sub-lem:1:d"
2901                  AOT_subst_cond_fun_def AOT_subst_cond_𝗈_def)
2902  next
2903  case (AOT_subst_fun_not Ψ)
2904  then show ?case by (simp add: RN "rule-sub-lem:1:a")
2905  next
2906  case (AOT_subst_fun_imp Ψ Θ)
2907  then show ?case 
2908    unfolding AOT_subst_cond_fun_def AOT_subst_cond_𝗈_def
2909    by (meson "≡E"(5) "oth-class-taut:4:c" "oth-class-taut:4:d" "→E")
2910  next
2911  case (AOT_subst_fun_lambda0 Θ)
2912  then show ?case by (simp add: RN "rule-sub-lem:1:e")
2913  next
2914  case (AOT_subst_fun_act Θ)
2915  then show ?case by (simp add: RN "rule-sub-lem:1:f")
2916  next
2917  case (AOT_subst_fun_box Θ)
2918  then show ?case by (simp add: RN "rule-sub-lem:1:g")
2919  next
2920  case (AOT_subst_fun_def Θ Ψ)
2921  then show ?case
2922    by (meson "df-rules-formulas[3]" "df-rules-formulas[4]" "≡I" "≡E"(5))
2923  qed
2924qed
2925end
2926
2927ML2928fun prove_AOT_subst_tac ctxt = REPEAT (SUBGOAL (fn (trm,_) => let
2929  fun findHeadConst (Const x) = SOME x
2930    | findHeadConst (A $ _) = findHeadConst A
2931    | findHeadConst _ = NONE
2932  fun findDef (Const (const_name‹AOT_model_equiv_def›, _) $ lhs $ _)
2933      = findHeadConst lhs
2934    | findDef (A $ B) = (case findDef A of SOME x => SOME x | _ => findDef B)
2935    | findDef (Abs (_,_,c)) = findDef c
2936    | findDef _ = NONE
2937  val const_opt = (findDef trm)
2938  val defs = case const_opt of SOME const => List.filter (fn thm => let
2939      val concl = Thm.concl_of thm
2940      val thmconst = (findDef concl)
2941      in case thmconst of SOME (c,_) => fst const = c | _ => false end)
2942      (AOT_Definitions.get ctxt)
2943      | _ => []
2944  val tac = case defs of
2945            [] => safe_step_tac (ctxt addSIs @{thms AOT_substI}) 1
2946            | _ => resolve_tac ctxt defs 1
2947  in tac end) 1)
2948fun getSubstThm ctxt reversed phi p q = let
2949val p_ty = Term.type_of p
2950val abs = HOLogic.mk_Trueprop (@{const AOT_subst(_)} $ phi)
2951val abs = Syntax.check_term ctxt abs
2952val substThm = Goal.prove ctxt [] [] abs
2953  (fn {context=ctxt, prems=_} => prove_AOT_subst_tac ctxt)
2954val substThm = substThm RS @{thm AOT_subst}
2955fun TVars_make x = x (* Next Isabelle release: = TVars.make x *)
2956val TVars_empty = [] (* Next Isabelle release: = TVars.empty *)
2957fun Vars_make x = x (* Next Isabelle release: = Vars.make x *)
2958val Vars_empty = [] (* Next Isabelle release: = Vars.empty *)
2959in if reversed then let
2960  val substThm = Drule.instantiate_normalize
2961          (TVars_empty,Vars_make [((("χ", 0), p_ty), Thm.cterm_of ctxt p),
2962          ((("ψ", 0), p_ty), Thm.cterm_of ctxt q)]) substThm
2963  val substThm = substThm RS @{thm "≡E"(1)}
2964  in substThm end
2965else
2966  let
2967  val substThm = Drule.instantiate_normalize
2968          (TVars_empty,Vars_make [((("ψ", 0), p_ty), Thm.cterm_of ctxt p),
2969          ((("χ", 0), p_ty), Thm.cterm_of ctxt q)]) substThm
2970  val substThm = substThm RS @{thm "≡E"(2)}
2971  in substThm end end
2972
2973
2974method_setup AOT_subst = 2975Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
2976Scan.lift (Args.embedded_inner_syntax -- Args.embedded_inner_syntax) --
2977Scan.option (Scan.lift (Args.$$$ "for" -- Args.colon) |--
2978Scan.repeat1 (Scan.lift (Args.embedded_inner_syntax) --
2979Scan.option (Scan.lift (Args.$$$ "::" |-- Args.embedded_inner_syntax))))
2980>> (fn ((reversed,(raw_p,raw_q)),raw_bounds) => (fn ctxt =>
2981(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _,
2982  prems = prems, asms = asms, concl = concl, schematics = _} =>
2983let
2984val thms = prems
2985val ctxt' = ctxt
2986val ctxt = Context_Position.set_visible false ctxt
2987val raw_bounds = case raw_bounds of SOME bounds => bounds | _ => []
2988
2989val ctxt = (fold (fn (bound, ty) => fn ctxt =>
2990  let
2991    val bound = AOT_read_term @{nonterminal τ'} ctxt bound
2992    val ty = Option.map (Syntax.read_typ ctxt) ty
2993    val ctxt = case ty of SOME ty => let
2994        val bound = Const ("_type_constraint_", Type ("fun", [ty,ty])) $ bound
2995        val bound = Syntax.check_term ctxt bound
2996      in Variable.declare_term bound ctxt end | _ => ctxt
2997  in ctxt end)) raw_bounds ctxt
2998
2999val p = AOT_read_term @{nonterminal φ'} ctxt raw_p
3000val p = Syntax.check_term ctxt p
3001val ctxt = Variable.declare_term p ctxt
3002val q = AOT_read_term @{nonterminal φ'} ctxt raw_q
3003val q = Syntax.check_term ctxt q
3004val ctxt = Variable.declare_term q ctxt
3005
3006val bounds = (map (fn (bound, _) =>
3007  Syntax.check_term ctxt (AOT_read_term @{nonterminal τ'} ctxt bound)
3008)) raw_bounds
3009val p = fold (fn bound => fn p =>
3010  Term.abs ("α", Term.type_of bound) (Term.abstract_over (bound,p)))
3011  bounds p
3012val p = Syntax.check_term ctxt p
3013val p_ty = Term.type_of p
3014
3015val pat = @{const Trueprop} $
3016  (@{const AOT_model_valid_in} $ Var (("w",0), @{typ w}) $
3017   (Var (("φ",0), Type (type_name‹fun›, [p_ty, @{typ 𝗈}])) $ p))
3018val univ = Unify.matchers (Context.Proof ctxt) [(pat, Thm.term_of concl)]
3019val univ = hd (Seq.list_of univ) (* TODO: consider all matches *)
3020val phi = the (Envir.lookup univ
3021  (("φ",0), Type (type_name‹fun›, [p_ty, @{typ 𝗈}])))
3022
3023val q = fold (fn bound => fn q =>
3024  Term.abs ("α", Term.type_of bound) (Term.abstract_over (bound,q))) bounds q
3025val q = Syntax.check_term ctxt q
3026
3027(* Reparse to report bounds as fixes. *)
3028val ctxt = Context_Position.restore_visible ctxt' ctxt
3029val ctxt' = ctxt
3030fun unsource str = fst (Input.source_content (Syntax.read_input str))
3031val (_,ctxt') = Proof_Context.add_fixes (map (fn (str,_) =>
3032  (Binding.make (unsource str, Position.none), NONE, Mixfix.NoSyn)) raw_bounds)
3033  ctxt'
3034val _ = (map (fn (x,_) =>
3035  Syntax.check_term ctxt (AOT_read_term @{nonterminal τ'} ctxt' x)))
3036  raw_bounds
3037val _ = AOT_read_term @{nonterminal φ'} ctxt' raw_p
3038val _ = AOT_read_term @{nonterminal φ'} ctxt' raw_q
3039val reversed = case reversed of SOME _ => true | _ => false
3040val simpThms = [@{thm AOT_subst_cond_𝗈_def}, @{thm AOT_subst_cond_fun_def}]
3041in
3042resolve_tac ctxt [getSubstThm ctxt reversed phi p q] 1
3043THEN simp_tac (ctxt addsimps simpThms) 1
3044THEN (REPEAT (resolve_tac ctxt [@{thm allI}] 1))
3045THEN (TRY (resolve_tac ctxt thms 1))
3046end
3047) ctxt 1))))
3048
3049
3050method_setup AOT_subst_def = 3051Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
3052Attrib.thm
3053>> (fn (reversed,fact) => (fn ctxt =>
3054(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _,
3055  prems = prems, asms = asms, concl = concl, schematics = _} =>
3056let
3057val c = Thm.concl_of fact
3058val (lhs, rhs) = case c of (const‹Trueprop› $
3059    (const‹AOT_model_equiv_def› $ lhs $ rhs)) => (lhs, rhs)
3060  | _ => raise Fail "Definition expected."
3061val substCond = HOLogic.mk_Trueprop
3062  (Const (const_name‹AOT_subst_cond›, dummyT) $ lhs $ rhs)
3063val substCond = Syntax.check_term
3064  (Proof_Context.set_mode Proof_Context.mode_schematic ctxt)
3065  substCond
3066val simpThms = [@{thm AOT_subst_cond_𝗈_def},
3067  @{thm AOT_subst_cond_fun_def},
3068  fact RS @{thm "≡Df"}]
3069val substCondThm = Goal.prove ctxt [] [] substCond
3070  (fn {context=ctxt, prems=prems} =>
3071      (SUBGOAL (fn (trm,int) =>
3072        auto_tac (ctxt addsimps simpThms)) 1))
3073val substThm = substCondThm RSN (2,@{thm AOT_subst})
3074in
3075resolve_tac ctxt [substThm RS
3076  (case reversed of NONE => @{thm "≡E"(2)} | _ => @{thm "≡E"(1)})] 1
3077THEN prove_AOT_subst_tac ctxt
3078THEN (TRY (resolve_tac ctxt prems 1))
3079end
3080) ctxt 1))))
3081
3082
3083method_setup AOT_subst_thm = 3084Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
3085Attrib.thm
3086>> (fn (reversed,fact) => (fn ctxt =>
3087(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _,
3088  prems = prems, asms = asms, concl = concl, schematics = _} =>
3089let
3090val c = Thm.concl_of fact
3091val (lhs, rhs) = case c of
3092  (const‹Trueprop› $
3093   (const‹AOT_model_valid_in› $ _ $
3094    (const‹AOT_equiv› $ lhs $ rhs))) => (lhs, rhs)
3095  | _ => raise Fail "Equivalence expected."
3096
3097val substCond = HOLogic.mk_Trueprop
3098  (Const (const_name‹AOT_subst_cond›, dummyT) $ lhs $ rhs)
3099val substCond = Syntax.check_term
3100  (Proof_Context.set_mode Proof_Context.mode_schematic ctxt)
3101  substCond
3102val simpThms = [@{thm AOT_subst_cond_𝗈_def},
3103  @{thm AOT_subst_cond_fun_def},
3104  fact]
3105val substCondThm = Goal.prove ctxt [] [] substCond
3106  (fn {context=ctxt, prems=prems} =>
3107      (SUBGOAL (fn (trm,int) => auto_tac (ctxt addsimps simpThms)) 1))
3108val substThm = substCondThm RSN (2,@{thm AOT_subst})
3109in
3110resolve_tac ctxt [substThm RS
3111  (case reversed of NONE => @{thm "≡E"(2)} | _ => @{thm "≡E"(1)})] 1
3112THEN prove_AOT_subst_tac ctxt
3113THEN (TRY (resolve_tac ctxt prems 1))
3114end
3115) ctxt 1))))
3116
3117
3118AOT_theorem "rule-sub-remark:1[1]":
3119  assumes  A!x  ¬E!x and ¬A!x
3120  shows ¬¬E!x
3121  by (AOT_subst (reverse) ¬E!x A!x)
3122     (auto simp: assms) 
3123
3124AOT_theorem "rule-sub-remark:1[2]":
3125  assumes  A!x  ¬E!x and  ¬¬E!x
3126  shows ¬A!x
3127  by (AOT_subst A!x ¬E!x)
3128     (auto simp: assms)
3129
3130AOT_theorem "rule-sub-remark:2[1]":
3131  assumes  [R]xy  ([R]xy & ([Q]a  ¬[Q]a))
3132      and p  [R]xy
3133  shows p  [R]xy & ([Q]a  ¬[Q]a)
3134  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3135
3136AOT_theorem "rule-sub-remark:2[2]":
3137  assumes  [R]xy  ([R]xy & ([Q]a  ¬[Q]a))
3138      and p  [R]xy & ([Q]a  ¬[Q]a)
3139  shows p  [R]xy
3140  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3141
3142AOT_theorem "rule-sub-remark:3[1]":
3143  assumes for arbitrary x:  A!x  ¬E!x
3144      and x A!x
3145    shows x ¬E!x
3146  by (AOT_subst (reverse) ¬E!x A!x for: x)
3147     (auto simp: assms)
3148
3149AOT_theorem "rule-sub-remark:3[2]":
3150  assumes for arbitrary x:  A!x  ¬E!x
3151      and x ¬E!x
3152    shows x A!x
3153  by (AOT_subst A!x ¬E!x for: x)
3154     (auto simp: assms)
3155
3156AOT_theorem "rule-sub-remark:4[1]":
3157  assumes  ¬¬[P]x  [P]x and 𝒜¬¬[P]x
3158  shows 𝒜[P]x
3159  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3160
3161AOT_theorem "rule-sub-remark:4[2]":
3162  assumes  ¬¬[P]x  [P]x and 𝒜[P]x
3163  shows 𝒜¬¬[P]x
3164  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3165
3166AOT_theorem "rule-sub-remark:5[1]":
3167  assumes  (φ  ψ)  (¬ψ  ¬φ) and (φ  ψ)
3168  shows (¬ψ  ¬φ)
3169  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3170
3171AOT_theorem "rule-sub-remark:5[2]":
3172  assumes  (φ  ψ)  (¬ψ  ¬φ) and (¬ψ  ¬φ)
3173  shows (φ  ψ) 
3174  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3175
3176AOT_theorem "rule-sub-remark:6[1]":
3177  assumes  ψ  χ and (φ  ψ)
3178  shows (φ  χ) 
3179  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3180
3181AOT_theorem "rule-sub-remark:6[2]":
3182  assumes  ψ  χ and (φ  χ)
3183  shows (φ  ψ)
3184  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3185
3186AOT_theorem "rule-sub-remark:7[1]":
3187  assumes  φ  ¬¬φ and (φ  φ)
3188  shows (¬¬φ  φ) 
3189  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3190
3191AOT_theorem "rule-sub-remark:7[2]":
3192  assumes  φ  ¬¬φ and (¬¬φ  φ)
3193  shows (φ  φ)
3194  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3195
3196AOT_theorem "KBasic2:1": ¬φ  ¬φ
3197  by (meson "conventions:5" "contraposition:2"
3198            "Hypothetical Syllogism" "df-rules-formulas[3]"
3199            "df-rules-formulas[4]" "≡I" "useful-tautologies:1")
3200
3201AOT_theorem "KBasic2:2": (φ  ψ)  (φ  ψ)
3202proof -
3203  AOT_have (φ  ψ)  ¬(¬φ & ¬ψ)
3204    by (simp add: "RE◇" "oth-class-taut:5:b")
3205  also AOT_have   ¬(¬φ & ¬ψ)
3206    using "KBasic:11" "≡E"(6) "oth-class-taut:3:a" by blast
3207  also AOT_have   ¬(¬φ & ¬ψ)
3208    using "KBasic:3" "≡E"(1) "oth-class-taut:4:b" by blast
3209  also AOT_have   ¬(¬φ & ¬ψ)
3210    using "KBasic2:1"
3211    by (AOT_subst ¬φ ¬φ; AOT_subst ¬ψ ¬ψ;
3212        auto simp: "oth-class-taut:3:a")
3213  also AOT_have   ¬¬(φ  ψ)
3214    using "≡E"(6) "oth-class-taut:3:b" "oth-class-taut:5:b" by blast
3215  also AOT_have   φ  ψ
3216    by (simp add: "≡I" "useful-tautologies:1" "useful-tautologies:2")
3217  finally show ?thesis .
3218qed
3219
3220AOT_theorem "KBasic2:3": (φ & ψ)  (φ & ψ)
3221  by (metis "RM◇" "&I" "Conjunction Simplification"(1,2)
3222            "→I" "modus-tollens:1" "reductio-aa:1")
3223
3224AOT_theorem "KBasic2:4": (φ  ψ)  (φ  ψ)
3225proof -
3226  AOT_have (φ  ψ)  (¬φ  ψ)
3227    by (AOT_subst φ  ψ ¬φ  ψ)
3228       (auto simp: "oth-class-taut:1:c" "oth-class-taut:3:a")
3229  also AOT_have ...  ¬φ  ψ
3230    by (simp add: "KBasic2:2")
3231  also AOT_have ...  ¬φ  ψ
3232    by (AOT_subst ¬φ ¬φ)
3233       (auto simp: "KBasic:11" "oth-class-taut:3:a")
3234  also AOT_have ...  φ  ψ
3235    using "≡E"(6) "oth-class-taut:1:c" "oth-class-taut:3:a" by blast
3236  finally show ?thesis .
3237qed
3238
3239AOT_theorem "KBasic2:5": φ  ¬¬φ
3240  using "conventions:5"[THEN "≡Df"]
3241  by (AOT_subst φ ¬¬φ;
3242      AOT_subst ¬¬φ ¬¬¬¬φ;
3243      AOT_subst (reverse) ¬¬¬φ ¬φ)
3244     (auto simp: "oth-class-taut:3:b" "oth-class-taut:3:a")
3245
3246
3247AOT_theorem "KBasic2:6": (φ  ψ)  (φ  ψ)
3248proof(rule "→I"; rule "raa-cor:1")
3249  AOT_assume (φ  ψ)
3250  AOT_hence (¬φ  ψ)
3251    using "conventions:2"[THEN "≡Df"]
3252    by (AOT_subst (reverse) ¬φ  ψ φ  ψ) simp
3253  AOT_hence 1: ¬φ  ψ
3254    using "KBasic:13" "vdash-properties:10" by blast
3255  AOT_assume ¬(φ  ψ)
3256  AOT_hence ¬φ and ¬ψ
3257    using "&E" "≡E"(1) "oth-class-taut:5:d" by blast+
3258  AOT_thus ψ & ¬ψ
3259    using "&I"(1) 1[THEN "→E"] "KBasic:11" "≡E"(4) "raa-cor:3" by blast
3260qed
3261
3262AOT_theorem "KBasic2:7": ((φ  ψ) & ¬φ)  ψ
3263proof(rule "→I"; frule "&E"(1); drule "&E"(2))
3264  AOT_assume (φ  ψ)
3265  AOT_hence 1: φ  ψ
3266    using "KBasic2:6" "∨I"(2) "∨E"(1) by blast
3267  AOT_assume ¬φ
3268  AOT_hence ¬φ using "KBasic:11" "≡E"(2) by blast
3269  AOT_thus ψ using 1 "∨E"(2) by blast
3270qed
3271
3272AOT_theorem "T-S5-fund:1": φ  φ
3273  by (meson "≡dfI" "conventions:5" "contraposition:2"
3274            "Hypothetical Syllogism" "→I" "qml:2"[axiom_inst])
3275lemmas "T◇" = "T-S5-fund:1"
3276
3277AOT_theorem "T-S5-fund:2": φ  φ
3278proof(rule "→I")
3279  AOT_assume φ
3280  AOT_hence ¬¬φ
3281    using "KBasic:14" "≡E"(4) "raa-cor:3" by blast
3282  moreover AOT_have ¬φ  ¬φ
3283    by (fact "qml:3"[axiom_inst])
3284  ultimately AOT_have ¬¬φ
3285    using "modus-tollens:1" by blast
3286  AOT_thus φ using "KBasic:12" "≡E"(2) by blast
3287qed
3288lemmas "5◇" = "T-S5-fund:2"
3289
3290AOT_theorem "Act-Sub:1": 𝒜φ  ¬𝒜¬φ
3291  by (AOT_subst 𝒜¬φ ¬𝒜φ)
3292     (auto simp: "logic-actual-nec:1"[axiom_inst] "oth-class-taut:3:b")
3293
3294AOT_theorem "Act-Sub:2": φ  𝒜φ
3295  using "conventions:5"[THEN "≡Df"]
3296  by (AOT_subst φ ¬¬φ)
3297     (metis "deduction-theorem" "≡I" "≡E"(1) "≡E"(2) "≡E"(3)
3298            "logic-actual-nec:1"[axiom_inst] "qml-act:2"[axiom_inst])
3299
3300AOT_theorem "Act-Sub:3": 𝒜φ  φ
3301  using "conventions:5"[THEN "≡Df"]
3302  by (AOT_subst φ ¬¬φ)
3303     (metis "Act-Sub:1" "→I" "≡E"(4) "nec-imp-act" "reductio-aa:2" "→E")
3304
3305AOT_theorem "Act-Sub:4": 𝒜φ  𝒜φ
3306proof (rule "≡I"; rule "→I")
3307  AOT_assume 𝒜φ
3308  AOT_thus 𝒜φ using "T◇" "vdash-properties:10" by blast
3309next
3310  AOT_assume 𝒜φ
3311  AOT_hence ¬¬𝒜φ
3312    using "≡dfE" "conventions:5" by blast
3313  AOT_hence ¬𝒜¬φ
3314    by (AOT_subst 𝒜¬φ ¬𝒜φ)
3315       (simp add: "logic-actual-nec:1"[axiom_inst])
3316  AOT_thus 𝒜φ
3317    using "Act-Basic:1" "Act-Basic:6" "∨E"(3) "≡E"(4)
3318          "reductio-aa:1" by blast
3319qed
3320
3321AOT_theorem "Act-Sub:5": 𝒜φ  𝒜φ
3322  by (metis "Act-Sub:2" "Act-Sub:3" "Act-Sub:4" "→I" "≡E"(1) "≡E"(2) "→E")
3323
3324AOT_theorem "S5Basic:1": φ  φ
3325  by (simp add: "≡I" "qml:2"[axiom_inst] "qml:3"[axiom_inst])
3326
3327AOT_theorem "S5Basic:2": φ  φ
3328  by (simp add: "T◇" "5◇" "≡I")
3329
3330AOT_theorem "S5Basic:3": φ  φ
3331  using "T◇" "Hypothetical Syllogism" "qml:3"[axiom_inst] by blast
3332lemmas "B" = "S5Basic:3"
3333
3334AOT_theorem "S5Basic:4": φ  φ
3335  using "5◇" "Hypothetical Syllogism" "qml:2"[axiom_inst] by blast
3336lemmas "B◇" = "S5Basic:4"
3337
3338AOT_theorem "S5Basic:5": φ  φ
3339  using "RM:1" "B" "5◇" "Hypothetical Syllogism" by blast
3340lemmas "4" = "S5Basic:5"
3341
3342AOT_theorem "S5Basic:6": φ  φ
3343  by (simp add: "4" "≡I" "qml:2"[axiom_inst])
3344
3345AOT_theorem "S5Basic:7": φ  φ
3346  using "conventions:5"[THEN "≡Df"] "oth-class-taut:3:b"
3347  by (AOT_subst φ ¬¬φ;
3348      AOT_subst φ ¬¬φ;
3349      AOT_subst (reverse) ¬¬¬φ ¬φ;
3350      AOT_subst (reverse) ¬φ ¬φ)
3351     (auto simp: "S5Basic:6" "if-p-then-p")
3352
3353lemmas "4◇" = "S5Basic:7"
3354
3355AOT_theorem "S5Basic:8": φ  φ
3356  by (simp add: "4◇" "T◇" "≡I")
3357
3358AOT_theorem "S5Basic:9": (φ  ψ)  (φ  ψ)
3359  apply (rule "≡I"; rule "→I")
3360  using "KBasic2:6" "5◇" "∨I"(3) "if-p-then-p" "vdash-properties:10"
3361   apply blast
3362  by (meson "KBasic:15" "4" "∨I"(3) "∨E"(1) "Disjunction Addition"(1)
3363            "con-dis-taut:7" "intro-elim:1" "Commutativity of ∨")
3364
3365AOT_theorem "S5Basic:10": (φ  ψ)  (φ  ψ)
3366(* Note: nicely this proof is entirely sledgehammer generated *)
3367proof(rule "≡I"; rule "→I")
3368  AOT_assume (φ  ψ)
3369  AOT_hence φ  ψ
3370    by (meson "KBasic2:6" "∨I"(2) "∨E"(1))
3371  AOT_thus φ  ψ
3372    by (meson "B◇" "4" "4◇" "T◇" "∨I"(3))
3373next
3374  AOT_assume φ  ψ
3375  AOT_hence φ  ψ
3376    by (meson "S5Basic:1" "B◇" "S5Basic:6" "T◇" "5◇" "∨I"(3) "intro-elim:1")
3377  AOT_thus (φ  ψ)
3378    by (meson "KBasic:15" "∨I"(3) "∨E"(1) "Disjunction Addition"(1,2))
3379qed
3380
3381AOT_theorem "S5Basic:11": (φ & ψ)  (φ & ψ)
3382proof -
3383  AOT_have (φ & ψ)  ¬(¬φ  ¬ψ)
3384    by (AOT_subst φ & ψ ¬(¬φ  ¬ψ))
3385       (auto simp: "oth-class-taut:5:a" "oth-class-taut:3:a")
3386  also AOT_have   ¬(¬φ  ¬ψ)
3387    by (AOT_subst ¬ψ ¬ψ)
3388       (auto simp: "KBasic2:1" "oth-class-taut:3:a")
3389  also AOT_have   ¬(¬φ  ¬ψ)
3390    using "KBasic:11" "≡E"(6) "oth-class-taut:3:a" by blast
3391  also AOT_have   ¬(¬φ  ¬ψ)
3392    using "S5Basic:9" "≡E"(1) "oth-class-taut:4:b" by blast
3393  also AOT_have   ¬(¬φ  ¬ψ)
3394    using "KBasic2:1"
3395    by (AOT_subst ¬φ ¬φ; AOT_subst ¬ψ ¬ψ)
3396       (auto simp:  "oth-class-taut:3:a")
3397  also AOT_have   φ & ψ
3398    using "≡E"(6) "oth-class-taut:3:a" "oth-class-taut:5:a" by blast
3399  finally show ?thesis .
3400qed
3401
3402AOT_theorem "S5Basic:12": (φ & ψ)  (φ & ψ)
3403proof (rule "≡I"; rule "→I")
3404  AOT_assume (φ & ψ)
3405  AOT_hence φ & ψ
3406    using "KBasic2:3" "vdash-properties:6" by blast
3407  AOT_thus φ & ψ
3408    using "5◇" "&I" "&E"(1) "&E"(2) "vdash-properties:6" by blast
3409next
3410  AOT_assume φ & ψ
3411  moreover AOT_have (ψ & φ)  (φ & ψ)
3412    by (AOT_subst φ & ψ ψ & φ)
3413       (auto simp: "Commutativity of &" "KBasic:16")
3414  ultimately AOT_show (φ & ψ)
3415    by (metis "4" "&I" "Conjunction Simplification"(1,2) "→E")
3416qed
3417
3418AOT_theorem "S5Basic:13": (φ  ψ)  (φ  ψ)
3419proof (rule "≡I")
3420  AOT_modally_strict {
3421    AOT_have (φ  ψ)  (φ  ψ)
3422      by (meson "KBasic:13" "B◇" "Hypothetical Syllogism" "→I")
3423  }
3424  AOT_hence (φ  ψ)  (φ  ψ)
3425    by (rule RM)
3426  AOT_thus  (φ  ψ)  (φ  ψ)
3427    using "4" "Hypothetical Syllogism" by blast
3428next
3429  AOT_modally_strict {
3430    AOT_have (φ  ψ)  (φ  ψ)
3431      by (meson "B" "Hypothetical Syllogism" "→I" "qml:1"[axiom_inst])
3432  }
3433  AOT_hence  (φ  ψ)  (φ  ψ)
3434    by (rule RM)
3435  AOT_thus (φ  ψ)  (φ  ψ)
3436    using "4" "Hypothetical Syllogism" by blast
3437qed
3438
3439AOT_theorem "derived-S5-rules:1":
3440  assumes Γ  φ  ψ
3441  shows Γ  φ  ψ
3442proof -
3443  AOT_have Γ  φ  ψ
3444    using assms by (rule "RM:1[prem]")
3445  AOT_thus Γ  φ  ψ
3446    using "B" "Hypothetical Syllogism" by blast
3447qed
3448
3449AOT_theorem "derived-S5-rules:2":
3450  assumes Γ  φ  ψ
3451  shows Γ  φ  ψ
3452proof -
3453  AOT_have Γ  φ  ψ
3454    using assms by (rule "RM:2[prem]")
3455  AOT_thus Γ  φ  ψ
3456    using "B◇" "Hypothetical Syllogism" by blast
3457qed
3458
3459AOT_theorem "BFs:1": α φ{α}  α φ{α}
3460proof -
3461  AOT_modally_strict {
3462    AOT_have α φ{α}  φ{α} for α
3463      using "cqt-orig:3" by (rule "RM◇")
3464    AOT_hence α φ{α}  α φ{α}
3465      using "B◇" "∀I" "→E" "→I" by metis
3466  }
3467  thus ?thesis
3468    using "derived-S5-rules:1" by blast
3469qed
3470lemmas "BF" = "BFs:1"
3471
3472AOT_theorem "BFs:2": α φ{α}  α φ{α}
3473proof -
3474  AOT_have α φ{α}  φ{α} for α
3475    using RM "cqt-orig:3" by metis
3476  thus ?thesis
3477    using "cqt-orig:2"[THEN "→E"] "∀I" by metis
3478qed
3479lemmas "CBF" = "BFs:2"
3480
3481AOT_theorem "BFs:3": α φ{α}  α φ{α}
3482proof(rule "→I")
3483  AOT_modally_strict {
3484    AOT_have α ¬φ{α}  α ¬φ{α}
3485      using BF CBF "≡I" by blast
3486  } note θ = this
3487
3488  AOT_assume α φ{α}
3489  AOT_hence ¬¬(α φ{α})
3490    using "≡dfE" "conventions:5" by blast
3491  AOT_hence ¬α ¬φ{α}
3492    apply (AOT_subst α ¬φ{α} ¬(α φ{α}))
3493    using "≡dfI" "conventions:3" "conventions:4" "&I"
3494          "contraposition:2" "cqt-further:4"
3495          "df-rules-formulas[3]" by blast
3496  AOT_hence ¬α ¬φ{α}
3497    apply (AOT_subst (reverse) α ¬φ{α} α ¬φ{α})
3498    using θ by blast
3499  AOT_hence ¬α ¬¬¬φ{α}
3500    by (AOT_subst (reverse) ¬¬¬φ{α} ¬φ{α} for: α)
3501       (simp add: "oth-class-taut:3:b")
3502  AOT_hence α ¬¬φ{α}
3503    by (rule "conventions:4"[THEN "≡dfI"])
3504  AOT_thus α φ{α}
3505    using "conventions:5"[THEN "≡Df"]
3506    by (AOT_subst φ{α} ¬¬φ{α} for: α)
3507qed
3508lemmas "BF◇" = "BFs:3"
3509
3510AOT_theorem "BFs:4": α φ{α}  α φ{α}
3511proof(rule "→I")
3512  AOT_assume α φ{α}
3513  AOT_hence ¬α ¬φ{α}
3514    using "conventions:4"[THEN "≡dfE"] by blast
3515  AOT_hence ¬α ¬φ{α}
3516    using "KBasic2:1"
3517    by (AOT_subst ¬φ{α} ¬φ{α} for: α)
3518  moreover AOT_have α ¬φ{α}  α ¬φ{α}
3519    using "≡I" "BF" "CBF" by metis
3520  ultimately AOT_have 1: ¬α ¬φ{α}
3521    using "≡E"(3) by blast
3522  AOT_show α φ{α}
3523    apply (rule "conventions:5"[THEN "≡dfI"])
3524    apply (AOT_subst α φ{α} ¬α ¬φ{α})
3525     apply (simp add: "conventions:4" "≡Df")
3526    apply (AOT_subst ¬¬α ¬φ{α} α ¬φ{α})
3527    by (auto simp: 1 "≡I" "useful-tautologies:1" "useful-tautologies:2")
3528qed
3529lemmas "CBF◇" = "BFs:4"
3530
3531AOT_theorem "sign-S5-thm:1": α φ{α}  α φ{α}
3532proof(rule "→I")
3533  AOT_assume α φ{α}
3534  then AOT_obtain α where φ{α} using "∃E" by metis
3535  moreover AOT_have α
3536    by (simp add: "ex:1:a" "rule-ui:2[const_var]" RN)
3537  moreover AOT_have φ{τ}, τ  α φ{α} for τ
3538  proof -
3539    AOT_have φ{τ}, τ  α φ{α} using "existential:1" by blast
3540    AOT_thus φ{τ}, τ  α φ{α}
3541      using "RN[prem]"[where Γ="{φ τ, «τ»}", simplified] by blast
3542  qed
3543  ultimately AOT_show α φ{α} by blast
3544qed
3545lemmas Buridan = "sign-S5-thm:1"
3546
3547AOT_theorem "sign-S5-thm:2": α φ{α}  α φ{α}
3548proof -
3549  AOT_have α (α φ{α}  φ{α})
3550    by (simp add: "RM◇" "cqt-orig:3" "∀I")
3551  AOT_thus α φ{α}  α φ{α}
3552    using "∀E"(4) "∀I" "→E" "→I" by metis
3553qed
3554lemmas "Buridan◇" = "sign-S5-thm:2"
3555
3556AOT_theorem "sign-S5-thm:3":
3557  α (φ{α} & ψ{α})  (α φ{α} & α ψ{α})
3558  apply (rule "RM:2")
3559  by (metis (no_types, lifting) "∃E" "&I" "&E"(1) "&E"(2) "→I" "∃I"(2))
3560
3561AOT_theorem "sign-S5-thm:4": α (φ{α} & ψ{α})  α φ{α}
3562  apply (rule "RM:2")
3563  by (meson "instantiation" "&E"(1) "→I" "∃I"(2))
3564
3565AOT_theorem "sign-S5-thm:5":
3566  (α (φ{α}  ψ{α}) & α (ψ{α}  χ{α}))  α (φ{α}  χ{α})
3567proof -
3568  {
3569    fix φ' ψ' χ'
3570    AOT_assume  φ' & ψ'  χ'
3571    AOT_hence φ' & ψ'  χ'
3572      using "RN[prem]"[where Γ="{φ', ψ'}"] apply simp
3573      using "&E" "&I" "→E" "→I" by metis
3574  } note R = this
3575  show ?thesis by (rule R; fact AOT)
3576qed
3577
3578AOT_theorem "sign-S5-thm:6":
3579  (α (φ{α}  ψ{α}) & α(ψ{α}  χ{α}))  α(φ{α}  χ{α})
3580proof -
3581  {
3582    fix φ' ψ' χ'
3583    AOT_assume  φ' & ψ'  χ'
3584    AOT_hence φ' & ψ'  χ'
3585      using "RN[prem]"[where Γ="{φ', ψ'}"] apply simp
3586      using "&E" "&I" "→E" "→I" by metis
3587  } note R = this
3588  show ?thesis by (rule R; fact AOT)
3589qed
3590
3591AOT_theorem "exist-nec2:1": τ  τ
3592  using "B◇" "RM◇" "Hypothetical Syllogism" "exist-nec" by blast
3593
3594AOT_theorem "exists-nec2:2": τ  τ
3595  by (meson "Act-Sub:3" "Hypothetical Syllogism" "exist-nec"
3596            "exist-nec2:1" "≡I" "nec-imp-act")
3597
3598AOT_theorem "exists-nec2:3": ¬τ  ¬τ
3599  using "KBasic2:1" "→I" "exist-nec2:1" "≡E"(2) "modus-tollens:1" by blast
3600
3601AOT_theorem "exists-nec2:4": ¬τ  ¬τ
3602  by (metis "Act-Sub:3" "KBasic:12" "→I" "exist-nec" "exists-nec2:3"
3603            "≡I" "≡E"(4) "nec-imp-act" "reductio-aa:1")
3604
3605AOT_theorem "id-nec2:1": α = β  α = β
3606  using "B◇" "RM◇" "Hypothetical Syllogism" "id-nec:1" by blast
3607
3608AOT_theorem "id-nec2:2": α  β  α  β
3609  apply (AOT_subst α  β ¬(α = β))
3610  using "=-infix"[THEN "≡Df"] apply blast
3611  using "KBasic2:1" "→I" "id-nec2:1" "≡E"(2) "modus-tollens:1" by blast
3612
3613AOT_theorem "id-nec2:3": α  β  α  β
3614  apply (AOT_subst α  β ¬(α = β))
3615  using "=-infix"[THEN "≡Df"] apply blast
3616  by (metis "KBasic:11" "→I" "id-nec:2" "≡E"(3) "reductio-aa:2" "→E")
3617
3618AOT_theorem "id-nec2:4": α = β  α = β
3619  using "Hypothetical Syllogism" "id-nec2:1" "id-nec:1" by blast
3620
3621AOT_theorem "id-nec2:5": α  β  α  β
3622  using "id-nec2:3" "id-nec2:2" "→I" "→E" by metis
3623
3624AOT_theorem "sc-eq-box-box:1": (φ  φ)  (φ  φ)
3625  apply (rule "≡I"; rule "→I")
3626  using "KBasic:13" "5◇" "Hypothetical Syllogism" "→E" apply blast
3627  by (metis "KBasic2:1" "KBasic:1" "KBasic:2" "S5Basic:13" "≡E"(2)
3628            "raa-cor:5" "→E")
3629
3630AOT_theorem "sc-eq-box-box:2": ((φ  φ)  (φ  φ))  (φ  φ)
3631  by (metis "Act-Sub:3" "KBasic:13" "5◇" "∨E"(2) "→I" "≡I"
3632            "nec-imp-act" "raa-cor:2" "→E")
3633
3634AOT_theorem "sc-eq-box-box:3": (φ  φ)  (¬φ  ¬φ)
3635proof (rule "→I"; rule "≡I"; rule "→I")
3636  AOT_assume (φ  φ)
3637  AOT_hence φ  φ using "sc-eq-box-box:1" "≡E" by blast
3638  moreover AOT_assume ¬φ
3639  ultimately AOT_have ¬φ
3640    using "modus-tollens:1" by blast
3641  AOT_thus ¬φ
3642    using "KBasic2:1" "≡E"(2) by blast
3643next
3644  AOT_assume (φ  φ)
3645  moreover AOT_assume ¬φ
3646  ultimately AOT_show ¬φ
3647    using "modus-tollens:1" "qml:2"[axiom_inst] "→E" by blast
3648qed
3649
3650AOT_theorem "sc-eq-box-box:4":
3651  ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3652proof(rule "→I"; rule "→I")
3653  AOT_assume θ: (φ  φ) & (ψ  ψ)
3654  AOT_assume ξ: φ  ψ
3655  AOT_hence (φ & ψ)  (¬φ & ¬ψ)
3656    using "≡E"(4) "oth-class-taut:4:g" "raa-cor:3" by blast
3657  moreover {
3658    AOT_assume φ & ψ
3659    AOT_hence (φ  ψ)
3660      using "KBasic:3" "KBasic:8" "≡E"(2) "vdash-properties:10" by blast
3661  }
3662  moreover {
3663    AOT_assume ¬φ & ¬ψ
3664    moreover AOT_have ¬φ  ¬φ and ¬ψ  ¬ψ
3665      using θ "Conjunction Simplification"(1,2)
3666            "sc-eq-box-box:3" "→E" by metis+
3667    ultimately AOT_have ¬φ & ¬ψ
3668      by (metis "&I" "Conjunction Simplification"(1,2)
3669                "≡E"(4) "modus-tollens:1" "raa-cor:3")
3670    AOT_hence (φ  ψ)
3671      using "KBasic:3" "KBasic:9" "≡E"(2) "→E" by blast
3672  }
3673  ultimately AOT_show (φ  ψ)
3674    using "∨E"(2) "reductio-aa:1" by blast
3675qed
3676
3677AOT_theorem "sc-eq-box-box:5":
3678  ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3679proof (rule "→I")
3680  AOT_assume ((φ  φ) & (ψ  ψ))
3681  AOT_hence ((φ  φ) & (ψ  ψ))
3682    using 4[THEN "→E"] "&E" "&I" "KBasic:3" "≡E"(2) by metis
3683  moreover AOT_have ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3684  proof (rule RM; rule "→I"; rule "→I")
3685    AOT_modally_strict {
3686      AOT_assume A: ((φ  φ) & (ψ  ψ))
3687      AOT_hence φ  φ and ψ  ψ
3688        using "&E" "qml:2"[axiom_inst] "→E" by blast+
3689      moreover AOT_assume φ  ψ
3690      ultimately AOT_have φ  ψ
3691        using "→E" "qml:2"[axiom_inst] "≡E" "≡I" by meson
3692      moreover AOT_have (φ  ψ)  (φ  ψ)
3693        using A "sc-eq-box-box:4" "→E" by blast
3694      ultimately AOT_show (φ  ψ) using "→E" by blast
3695    }
3696  qed
3697  ultimately AOT_show ((φ  ψ)  (φ  ψ)) using "→E" by blast
3698qed
3699
3700AOT_theorem "sc-eq-box-box:6": (φ  φ)  ((φ  ψ)  (φ  ψ))
3701proof (rule "→I"; rule "→I"; rule "raa-cor:1")
3702  AOT_assume ¬(φ  ψ)
3703  AOT_hence ¬(φ  ψ)
3704    by (metis "KBasic:11" "≡E"(1))
3705  AOT_hence (φ & ¬ψ)
3706    by (AOT_subst φ & ¬ψ ¬(φ  ψ))
3707       (meson "Commutativity of ≡" "≡E"(1) "oth-class-taut:1:b")
3708  AOT_hence φ and 2: ¬ψ
3709    using "KBasic2:3"[THEN "→E"] "&E" by blast+
3710  moreover AOT_assume (φ  φ)
3711  ultimately AOT_have φ
3712    by (metis "≡E"(1) "sc-eq-box-box:1" "→E")
3713  AOT_hence φ
3714    using "qml:2"[axiom_inst, THEN "→E"] by blast
3715  moreover AOT_assume φ  ψ
3716  ultimately AOT_have ψ
3717    using "→E" by blast
3718  moreover AOT_have ¬ψ
3719    using 2 "KBasic:12" "¬¬I" "intro-elim:3:d" by blast
3720  ultimately AOT_show ψ & ¬ψ
3721    using "&I" by blast
3722qed
3723
3724AOT_theorem "sc-eq-box-box:7": (φ  φ)  ((φ  𝒜ψ)  𝒜(φ  ψ))
3725proof (rule "→I"; rule "→I"; rule "raa-cor:1")
3726  AOT_assume ¬𝒜(φ  ψ)
3727  AOT_hence 𝒜¬(φ  ψ)
3728    by (metis "Act-Basic:1" "∨E"(2))
3729  AOT_hence 𝒜(φ & ¬ψ)
3730    by (AOT_subst φ & ¬ψ ¬(φ  ψ))
3731       (meson "Commutativity of ≡" "≡E"(1) "oth-class-taut:1:b")
3732  AOT_hence 𝒜φ and 2: 𝒜¬ψ
3733    using "Act-Basic:2"[THEN "≡E"(1)] "&E" by blast+
3734  AOT_hence φ
3735    by (metis "Act-Sub:3" "→E")
3736  moreover AOT_assume (φ  φ)
3737  ultimately AOT_have φ
3738    by (metis "≡E"(1) "sc-eq-box-box:1" "→E")
3739  AOT_hence φ
3740    using "qml:2"[axiom_inst, THEN "→E"] by blast
3741  moreover AOT_assume φ  𝒜ψ
3742  ultimately AOT_have 𝒜ψ
3743    using "→E" by blast
3744  moreover AOT_have ¬𝒜ψ
3745    using 2 by (meson "Act-Sub:1" "≡E"(4) "raa-cor:3")
3746  ultimately AOT_show 𝒜ψ & ¬𝒜ψ
3747    using "&I" by blast
3748qed
3749
3750AOT_theorem "sc-eq-fur:1": 𝒜φ  𝒜φ
3751  using "Act-Basic:6" "Act-Sub:4" "≡E"(6) by blast
3752
3753AOT_theorem "sc-eq-fur:2": (φ  φ)  (𝒜φ  φ)
3754  by (metis "B◇" "Act-Sub:3" "KBasic:13" "T◇" "Hypothetical Syllogism"
3755            "→I" "≡I" "nec-imp-act")
3756
3757AOT_theorem "sc-eq-fur:3":
3758  x (φ{x}  φ{x})  (∃!x φ{x}  ιx φ{x})
3759proof (rule "→I"; rule "→I")
3760  AOT_assume x (φ{x}  φ{x})
3761  AOT_hence A: x (φ{x}  φ{x})
3762    using CBF "→E" by blast
3763  AOT_assume ∃!x φ{x}
3764  then AOT_obtain a where a_def: φ{a} & y (φ{y}  y = a)
3765    using "∃E"[rotated 1, OF "uniqueness:1"[THEN "≡dfE"]] by blast
3766  moreover AOT_have φ{a}
3767    using calculation A "∀E"(2) "qml:2"[axiom_inst] "→E" "&E"(1) by blast
3768  AOT_hence 𝒜φ{a}
3769    using "nec-imp-act" "→E" by blast
3770  moreover AOT_have y (𝒜φ{y}  y = a)
3771  proof (rule "∀I"; rule "→I")
3772    fix b
3773    AOT_assume 𝒜φ{b}
3774    AOT_hence φ{b}
3775      using "Act-Sub:3" "→E" by blast
3776    moreover {
3777      AOT_have (φ{b}  φ{b})
3778        using A "∀E"(2) by blast
3779      AOT_hence φ{b}  φ{b}
3780        using "KBasic:13" "5◇" "Hypothetical Syllogism" "→E" by blast
3781    }
3782    ultimately AOT_have φ{b}
3783      using "→E" by blast
3784    AOT_hence φ{b}
3785      using "qml:2"[axiom_inst] "→E" by blast
3786    AOT_thus b = a
3787      using a_def[THEN "&E"(2)] "∀E"(2) "→E" by blast
3788  qed
3789  ultimately AOT_have 𝒜φ{a} & y (𝒜φ{y}  y = a)
3790    using "&I" by blast
3791  AOT_hence x (𝒜φ{x} & y (𝒜φ{y}  y = x))
3792    using "∃I" by fast
3793  AOT_hence ∃!x 𝒜φ{x}
3794    using "uniqueness:1"[THEN "≡dfI"] by fast
3795  AOT_thus ιx φ{x}
3796    using "actual-desc:1"[THEN "≡E"(2)] by blast
3797qed
3798
3799AOT_theorem "sc-eq-fur:4":
3800x (φ{x}  φ{x})  (x = ιx φ{x}  (φ{x} & z (φ{z}  z = x)))
3801proof (rule "→I")
3802  AOT_assume x (φ{x}  φ{x})
3803  AOT_hence x (φ{x}  φ{x})
3804    using CBF "→E" by blast
3805  AOT_hence A: 𝒜φ{α}  φ{α} for α
3806    using "sc-eq-fur:2" "∀E" "→E" by fast
3807  AOT_show x = ιx φ{x}  (φ{x} & z (φ{z}  z = x))
3808  proof (rule "≡I"; rule "→I")
3809    AOT_assume x = ιx φ{x}
3810    AOT_hence B: 𝒜φ{x} & z (𝒜φ{z}  z = x)
3811      using "nec-hintikka-scheme"[THEN "≡E"(1)] by blast
3812    AOT_show φ{x} & z (φ{z}  z = x)
3813    proof (rule "&I"; (rule "∀I"; rule "→I")?)
3814      AOT_show φ{x}
3815        using A B[THEN "&E"(1)] "≡E"(1) by blast
3816    next
3817      AOT_show z = x if φ{z} for z
3818        using that B[THEN "&E"(2)] "∀E"(2) "→E" A[THEN "≡E"(2)] by blast
3819    qed
3820  next
3821    AOT_assume B: φ{x} & z (φ{z}  z = x)
3822    AOT_have 𝒜φ{x} & z (𝒜φ{z}  z = x)
3823    proof(rule "&I"; (rule "∀I"; rule "→I")?)
3824      AOT_show 𝒜φ{x}
3825        using B[THEN "&E"(1)] A[THEN "≡E"(2)] by blast
3826    next
3827      AOT_show b = x if 𝒜φ{b} for b
3828        using A[THEN "≡E"(1)] that
3829              B[THEN "&E"(2), THEN "∀E"(2), THEN "→E"] by blast
3830    qed
3831    AOT_thus x = ιx φ{x}
3832      using "nec-hintikka-scheme"[THEN "≡E"(2)] by blast
3833  qed
3834qed
3835
3836AOT_theorem "id-act:1": α = β  𝒜α = β
3837  by (meson "Act-Sub:3" "Hypothetical Syllogism"
3838            "id-nec2:1" "id-nec:2" "≡I" "nec-imp-act")
3839
3840AOT_theorem "id-act:2": α  β  𝒜α  β
3841proof (AOT_subst α  β ¬(α = β))
3842  AOT_modally_strict {
3843    AOT_show α  β  ¬(α = β)
3844      by (simp add: "=-infix" "≡Df")
3845  }
3846next
3847  AOT_show ¬(α = β)  𝒜¬(α = β)
3848  proof (safe intro!: "≡I" "→I")
3849    AOT_assume ¬α = β
3850    AOT_hence ¬𝒜α = β using "id-act:1" "≡E"(3) by blast
3851    AOT_thus 𝒜¬α = β
3852      using "¬¬E" "Act-Sub:1" "≡E"(3) by blast
3853  next
3854    AOT_assume 𝒜¬α = β
3855    AOT_hence ¬𝒜α = β
3856      using "¬¬I" "Act-Sub:1" "≡E"(4) by blast
3857    AOT_thus ¬α = β
3858      using "id-act:1" "≡E"(4) by blast
3859  qed
3860qed
3861
3862AOT_theorem "A-Exists:1": 𝒜∃!α φ{α}  ∃!α 𝒜φ{α}
3863proof -
3864  AOT_have 𝒜∃!α φ{α}  𝒜αβ (φ{β}  β = α)
3865    by (AOT_subst ∃!α φ{α} αβ (φ{β}  β = α))
3866       (auto simp add: "oth-class-taut:3:a" "uniqueness:2")
3867  also AOT_have   α 𝒜β (φ{β}  β = α)
3868    by (simp add: "Act-Basic:10")
3869  also AOT_have   αβ 𝒜(φ{β}  β = α)
3870    by (AOT_subst 𝒜β (φ{β}  β = α) β 𝒜(φ{β}  β = α) for: α)
3871       (auto simp: "logic-actual-nec:3"[axiom_inst] "oth-class-taut:3:a")
3872  also AOT_have   αβ (𝒜φ{β}  𝒜β = α)
3873    by (AOT_subst (reverse) 𝒜φ{β}  𝒜β = α
3874                            𝒜(φ{β}  β = α) for: α β :: 'a)
3875       (auto simp: "Act-Basic:5" "cqt-further:7")
3876  also AOT_have   αβ (𝒜φ{β}  β = α)
3877    by (AOT_subst (reverse) 𝒜β = α β = α for: α β :: 'a)
3878       (auto simp: "id-act:1" "cqt-further:7")
3879  also AOT_have ...  ∃!α 𝒜φ{α}
3880    using "uniqueness:2" "Commutativity of ≡"[THEN "≡E"(1)] by fast
3881  finally show ?thesis.
3882qed
3883
3884AOT_theorem "A-Exists:2": ιx φ{x}  𝒜∃!x φ{x}
3885  by (AOT_subst 𝒜∃!x φ{x} ∃!x 𝒜φ{x})
3886     (auto simp: "actual-desc:1" "A-Exists:1")
3887
3888AOT_theorem "id-act-desc:1": ιx (x = y)
3889proof(rule "existence:1"[THEN "≡dfI"]; rule "∃I")
3890  AOT_show x E!x  E!x]ιx (x = y)
3891  proof (rule "russell-axiom[exe,1].nec-russell-axiom"[THEN "≡E"(2)];
3892         rule "∃I"; (rule "&I")+)
3893    AOT_show 𝒜y = y by (simp add: "RA[2]" "id-eq:1")
3894  next
3895    AOT_show z (𝒜z = y  z = y)
3896      apply (rule "∀I")
3897      using "id-act:1"[THEN "≡E"(2)] "→I" by blast
3898  next
3899    AOT_show x E!x  E!x]y
3900    proof (rule "lambda-predicates:2"[axiom_inst, THEN "→E", THEN "≡E"(2)])
3901      AOT_show x E!x  E!x]
3902        by "cqt:2[lambda]"
3903    next
3904      AOT_show E!y  E!y 
3905        by (simp add: "if-p-then-p")
3906    qed
3907  qed
3908next
3909  AOT_show x E!x  E!x]
3910    by "cqt:2[lambda]"
3911qed
3912
3913AOT_theorem "id-act-desc:2": y = ιx (x = y)
3914  by (rule descriptions[axiom_inst, THEN "≡E"(2)];
3915      rule "∀I"; rule "id-act:1"[symmetric])
3916
3917AOT_theorem "pre-en-eq:1[1]": x1[F]  x1[F]
3918  by (simp add: encoding "vdash-properties:1[2]")
3919
3920AOT_theorem "pre-en-eq:1[2]": x1x2[F]  x1x2[F]
3921proof (rule "→I")
3922  AOT_assume x1x2[F]
3923  AOT_hence x1y [F]yx2] and x2y [F]x1y]
3924    using "nary-encoding[2]"[axiom_inst, THEN "≡E"(1)] "&E" by blast+
3925  moreover AOT_have y [F]yx2] by "cqt:2"
3926  moreover AOT_have y [F]x1y] by "cqt:2"
3927  ultimately AOT_have x1y [F]yx2] and x2y [F]x1y]
3928    using encoding[axiom_inst, unvarify F] "→E" "&I" by blast+
3929  note A = this
3930  AOT_hence (x1y [F]yx2] & x2y [F]x1y])
3931    using "KBasic:3"[THEN "≡E"(2)] "&I" by blast
3932  AOT_thus x1x2[F]
3933    by (rule "nary-encoding[2]"[axiom_inst, THEN RN,
3934                                THEN "KBasic:6"[THEN "→E"],
3935                                THEN "≡E"(2)])
3936qed
3937
3938AOT_theorem "pre-en-eq:1[3]": x1x2x3[F]  x1x2x3[F]
3939proof (rule "→I")
3940  AOT_assume x1x2x3[F]
3941  AOT_hence x1y [F]yx2x3]
3942        and x2y [F]x1yx3]
3943        and x3y [F]x1x2y]
3944    using "nary-encoding[3]"[axiom_inst, THEN "≡E"(1)] "&E" by blast+
3945  moreover AOT_have y [F]yx2x3] by "cqt:2"
3946  moreover AOT_have y [F]x1yx3] by "cqt:2"
3947  moreover AOT_have y [F]x1x2y] by "cqt:2"
3948  ultimately AOT_have x1y [F]yx2x3]
3949                  and x2y [F]x1yx3]
3950                  and x3y [F]x1x2y]
3951    using encoding[axiom_inst, unvarify F] "→E" by blast+
3952  note A = this
3953  AOT_have B: (x1y [F]yx2x3] & x2y [F]x1yx3] & x3y [F]x1x2y])
3954    by (rule "KBasic:3"[THEN "≡E"(2)] "&I" A)+
3955  AOT_thus x1x2x3[F]
3956    by (rule "nary-encoding[3]"[axiom_inst, THEN RN,
3957                THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3958qed
3959
3960AOT_theorem "pre-en-eq:1[4]": x1x2x3x4[F]  x1x2x3x4[F]
3961proof (rule "→I")
3962  AOT_assume x1x2x3x4[F]
3963  AOT_hence x1y [F]yx2x3x4]
3964        and x2y [F]x1yx3x4]
3965        and x3y [F]x1x2yx4]
3966        and x4y [F]x1x2x3y]
3967    using "nary-encoding[4]"[axiom_inst, THEN "≡E"(1)] "&E" by metis+
3968  moreover AOT_have y [F]yx2x3x4] by "cqt:2"
3969  moreover AOT_have y [F]x1yx3x4] by "cqt:2"
3970  moreover AOT_have y [F]x1x2yx4] by "cqt:2"
3971  moreover AOT_have y [F]x1x2x3y] by "cqt:2"
3972  ultimately AOT_have x1y [F]yx2x3x4]
3973                  and x2y [F]x1yx3x4]
3974                  and x3y [F]x1x2yx4]
3975                  and x4y [F]x1x2x3y]
3976    using "→E" encoding[axiom_inst, unvarify F] by blast+
3977  note A = this
3978  AOT_have B: (x1y [F]yx2x3x4] &
3979                  x2y [F]x1yx3x4] &
3980                  x3y [F]x1x2yx4] &
3981                  x4y [F]x1x2x3y])
3982    by (rule "KBasic:3"[THEN "≡E"(2)] "&I" A)+
3983  AOT_thus x1x2x3x4[F]
3984    by (rule "nary-encoding[4]"[axiom_inst, THEN RN,
3985              THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3986qed
3987
3988AOT_theorem "pre-en-eq:2[1]": ¬x1[F]  ¬x1[F]
3989proof (rule "→I"; rule "raa-cor:1")
3990  AOT_assume ¬¬x1[F]
3991  AOT_hence x1[F]
3992    by (rule "conventions:5"[THEN "≡dfI"])
3993  AOT_hence x1[F]
3994    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[1]"[THEN RN],
3995              THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3996  moreover AOT_assume ¬x1[F]
3997  ultimately AOT_show x1[F] & ¬x1[F] by (rule "&I")
3998qed
3999AOT_theorem "pre-en-eq:2[2]": ¬x1x2[F]  ¬x1x2[F]
4000proof (rule "→I"; rule "raa-cor:1")
4001  AOT_assume ¬¬x1x2[F]
4002  AOT_hence x1x2[F]
4003    by (rule "conventions:5"[THEN "≡dfI"])
4004  AOT_hence x1x2[F]
4005    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[2]"[THEN RN],
4006              THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
4007  moreover AOT_assume ¬x1x2[F]
4008  ultimately AOT_show x1x2[F] & ¬x1x2[F] by (rule "&I")
4009qed
4010
4011AOT_theorem "pre-en-eq:2[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4012proof (rule "→I"; rule "raa-cor:1")
4013  AOT_assume ¬¬x1x2x3[F]
4014  AOT_hence x1x2x3[F]
4015    by (rule "conventions:5"[THEN "≡dfI"])
4016  AOT_hence x1x2x3[F]
4017    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[3]"[THEN RN],
4018              THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
4019  moreover AOT_assume ¬x1x2x3[F]
4020  ultimately AOT_show x1x2x3[F] & ¬x1x2x3[F] by (rule "&I")
4021qed
4022
4023AOT_theorem "pre-en-eq:2[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4024proof (rule "→I"; rule "raa-cor:1")
4025  AOT_assume ¬¬x1x2x3x4[F]
4026  AOT_hence x1x2x3x4[F]
4027    by (rule "conventions:5"[THEN "≡dfI"])
4028  AOT_hence x1x2x3x4[F]
4029    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[4]"[THEN RN],
4030                         THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
4031  moreover AOT_assume ¬x1x2x3x4[F]
4032  ultimately AOT_show x1x2x3x4[F] & ¬x1x2x3x4[F] by (rule "&I")
4033qed
4034
4035AOT_theorem "en-eq:1[1]": x1[F]  x1[F]
4036  using "pre-en-eq:1[1]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by metis
4037AOT_theorem "en-eq:1[2]": x1x2[F]  x1x2[F]
4038  using "pre-en-eq:1[2]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by metis
4039AOT_theorem "en-eq:1[3]": x1x2x3[F]  x1x2x3[F]
4040  using "pre-en-eq:1[3]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by fast
4041AOT_theorem "en-eq:1[4]": x1x2x3x4[F]  x1x2x3x4[F]
4042  using "pre-en-eq:1[4]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by fast
4043
4044AOT_theorem "en-eq:2[1]": x1[F]  x1[F]
4045  by (simp add: "≡I" "pre-en-eq:1[1]" "qml:2"[axiom_inst])
4046AOT_theorem "en-eq:2[2]": x1x2[F]  x1x2[F]
4047  by (simp add: "≡I" "pre-en-eq:1[2]" "qml:2"[axiom_inst])
4048AOT_theorem "en-eq:2[3]": x1x2x3[F]  x1x2x3[F]
4049  by (simp add: "≡I" "pre-en-eq:1[3]" "qml:2"[axiom_inst])
4050AOT_theorem "en-eq:2[4]": x1x2x3x4[F]  x1x2x3x4[F]
4051  by (simp add: "≡I" "pre-en-eq:1[4]" "qml:2"[axiom_inst])
4052
4053AOT_theorem "en-eq:3[1]": x1[F]  x1[F]
4054  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[1]"] "≡I" by blast
4055AOT_theorem "en-eq:3[2]": x1x2[F]  x1x2[F]
4056  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[2]"] "≡I" by blast
4057AOT_theorem "en-eq:3[3]": x1x2x3[F]  x1x2x3[F]
4058  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[3]"] "≡I" by blast
4059AOT_theorem "en-eq:3[4]": x1x2x3x4[F]  x1x2x3x4[F]
4060  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[4]"] "≡I" by blast
4061
4062AOT_theorem "en-eq:4[1]":
4063  (x1[F]  y1[G])  (x1[F]  y1[G])
4064  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4065  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[1]" by blast+
4066AOT_theorem "en-eq:4[2]":
4067  (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
4068  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4069  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[2]" by blast+
4070AOT_theorem "en-eq:4[3]":
4071  (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
4072  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4073  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[3]" by blast+
4074AOT_theorem "en-eq:4[4]":
4075  (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
4076  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4077  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[4]" by blast+
4078
4079AOT_theorem "en-eq:5[1]":
4080  (x1[F]  y1[G])  (x1[F]  y1[G])
4081  apply (rule "≡I"; rule "→I")
4082  using "en-eq:4[1]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4083   apply blast
4084  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4085        "&I"[OF "pre-en-eq:1[1]"[THEN RN], OF "pre-en-eq:1[1]"[THEN RN]]
4086  by blast
4087AOT_theorem "en-eq:5[2]":
4088  (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
4089  apply (rule "≡I"; rule "→I")
4090  using "en-eq:4[2]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4091   apply blast
4092  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4093        "&I"[OF "pre-en-eq:1[2]"[THEN RN], OF "pre-en-eq:1[2]"[THEN RN]]
4094  by blast
4095AOT_theorem "en-eq:5[3]":
4096  (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
4097  apply (rule "≡I"; rule "→I")
4098  using "en-eq:4[3]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4099   apply blast
4100  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4101        "&I"[OF "pre-en-eq:1[3]"[THEN RN], OF "pre-en-eq:1[3]"[THEN RN]]
4102  by blast
4103AOT_theorem "en-eq:5[4]":
4104  (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
4105  apply (rule "≡I"; rule "→I")
4106  using "en-eq:4[4]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4107   apply blast
4108  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4109        "&I"[OF "pre-en-eq:1[4]"[THEN RN], OF "pre-en-eq:1[4]"[THEN RN]]
4110  by blast
4111
4112AOT_theorem "en-eq:6[1]":
4113  (x1[F]  y1[G])  (x1[F]  y1[G])
4114  using "en-eq:5[1]"[symmetric] "en-eq:4[1]" "≡E"(5) by fast
4115AOT_theorem "en-eq:6[2]":
4116  (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
4117  using "en-eq:5[2]"[symmetric] "en-eq:4[2]" "≡E"(5) by fast
4118AOT_theorem "en-eq:6[3]":
4119  (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
4120  using "en-eq:5[3]"[symmetric] "en-eq:4[3]" "≡E"(5) by fast
4121AOT_theorem "en-eq:6[4]":
4122  (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
4123  using "en-eq:5[4]"[symmetric] "en-eq:4[4]" "≡E"(5) by fast
4124
4125AOT_theorem "en-eq:7[1]": ¬x1[F]  ¬x1[F]
4126  using "pre-en-eq:2[1]" "qml:2"[axiom_inst] "≡I" by blast
4127AOT_theorem "en-eq:7[2]": ¬x1x2[F]  ¬x1x2[F]
4128  using "pre-en-eq:2[2]" "qml:2"[axiom_inst] "≡I" by blast
4129AOT_theorem "en-eq:7[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4130  using "pre-en-eq:2[3]" "qml:2"[axiom_inst] "≡I" by blast
4131AOT_theorem "en-eq:7[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4132  using "pre-en-eq:2[4]" "qml:2"[axiom_inst] "≡I" by blast
4133
4134AOT_theorem "en-eq:8[1]": ¬x1[F]  ¬x1[F]
4135  using "en-eq:2[1]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4136        "KBasic:11" "≡E"(5)[symmetric] by blast
4137AOT_theorem "en-eq:8[2]": ¬x1x2[F]  ¬x1x2[F]
4138  using "en-eq:2[2]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4139        "KBasic:11" "≡E"(5)[symmetric] by blast
4140AOT_theorem "en-eq:8[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4141  using "en-eq:2[3]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4142        "KBasic:11" "≡E"(5)[symmetric] by blast
4143AOT_theorem "en-eq:8[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4144  using "en-eq:2[4]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4145        "KBasic:11" "≡E"(5)[symmetric] by blast
4146
4147AOT_theorem "en-eq:9[1]": ¬x1[F]  ¬x1[F]
4148  using "en-eq:7[1]" "en-eq:8[1]" "≡E"(5) by blast
4149AOT_theorem "en-eq:9[2]": ¬x1x2[F]  ¬x1x2[F]
4150  using "en-eq:7[2]" "en-eq:8[2]" "≡E"(5) by blast
4151AOT_theorem "en-eq:9[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4152  using "en-eq:7[3]" "en-eq:8[3]" "≡E"(5) by blast
4153AOT_theorem "en-eq:9[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4154  using "en-eq:7[4]" "en-eq:8[4]" "≡E"(5) by blast
4155
4156AOT_theorem "en-eq:10[1]": 𝒜x1[F]  x1[F]
4157  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4158            "nec-imp-act" "en-eq:3[1]" "pre-en-eq:1[1]")
4159AOT_theorem "en-eq:10[2]": 𝒜x1x2[F]  x1x2[F]
4160  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4161            "nec-imp-act" "en-eq:3[2]" "pre-en-eq:1[2]")
4162AOT_theorem "en-eq:10[3]": 𝒜x1x2x3[F]  x1x2x3[F]
4163  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4164            "nec-imp-act" "en-eq:3[3]" "pre-en-eq:1[3]")
4165AOT_theorem "en-eq:10[4]": 𝒜x1x2x3x4[F]  x1x2x3x4[F]
4166  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4167            "nec-imp-act" "en-eq:3[4]" "pre-en-eq:1[4]")
4168
4169AOT_theorem "oa-facts:1": O!x  O!x
4170proof(rule "→I")
4171  AOT_modally_strict {
4172    AOT_have x E!x]x  E!x
4173      by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
4174  } note θ = this
4175  AOT_assume O!x
4176  AOT_hence x E!x]x
4177    by (rule "=dfE"(2)[OF AOT_ordinary, rotated 1]) "cqt:2"
4178  AOT_hence E!x using θ[THEN "≡E"(1)] by blast
4179  AOT_hence E!x using "qml:3"[axiom_inst, THEN "→E"] by blast
4180  AOT_hence x E!x]x
4181    by (AOT_subst x E!x]x E!x)
4182       (auto simp: θ)
4183  AOT_thus O!x
4184    by (rule "=dfI"(2)[OF AOT_ordinary, rotated 1]) "cqt:2"
4185qed
4186
4187AOT_theorem "oa-facts:2": A!x  A!x
4188proof(rule "→I")
4189  AOT_modally_strict {
4190    AOT_have x ¬E!x]x  ¬E!x
4191      by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
4192  } note θ = this
4193  AOT_assume A!x
4194  AOT_hence x ¬E!x]x
4195    by (rule "=dfE"(2)[OF AOT_abstract, rotated 1]) "cqt:2"
4196  AOT_hence ¬E!x using θ[THEN "≡E"(1)] by blast
4197  AOT_hence ¬E!x using "KBasic2:1"[THEN "≡E"(2)] by blast
4198  AOT_hence ¬E!x using "4"[THEN "→E"] by blast
4199  AOT_hence ¬E!x
4200    using "KBasic2:1"
4201    by (AOT_subst (reverse) ¬E!x ¬E!x) blast
4202  AOT_hence x ¬E!x]x
4203    by (AOT_subst x ¬E!x]x ¬E!x)
4204       (auto simp: θ)
4205  AOT_thus A!x
4206    by (rule "=dfI"(2)[OF AOT_abstract, rotated 1]) "cqt:2[lambda]"
4207qed
4208
4209AOT_theorem "oa-facts:3": O!x  O!x
4210  using "oa-facts:1" "B◇" "RM◇" "Hypothetical Syllogism" by blast
4211AOT_theorem "oa-facts:4": A!x  A!x
4212  using "oa-facts:2" "B◇" "RM◇" "Hypothetical Syllogism" by blast
4213
4214AOT_theorem "oa-facts:5": O!x  O!x
4215  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4216            "oa-facts:1" "oa-facts:3")
4217
4218AOT_theorem "oa-facts:6": A!x  A!x
4219  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4220            "oa-facts:2" "oa-facts:4")
4221
4222AOT_theorem "oa-facts:7": O!x  𝒜O!x
4223  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4224            "oa-facts:1" "oa-facts:3")
4225
4226AOT_theorem "oa-facts:8": A!x  𝒜A!x
4227  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4228            "oa-facts:2" "oa-facts:4")
4229
4230subsection‹The Theory of Relations›
4231text‹\label{PLM: 9.10}›
4232
4233AOT_theorem "beta-C-meta":
4234  μ1...μn φ{μ1...μn, ν1...νn}] 
4235   (μ1...μn φ{μ1...μn, ν1...νn}]ν1...νn  φ{ν1...νn, ν1...νn})
4236  using "lambda-predicates:2"[axiom_inst] by blast
4237
4238AOT_theorem "beta-C-cor:1":
4239  (ν1...∀νn(μ1...μn φ{μ1...μn, ν1...νn}])) 
4240   ν1...∀νn (μ1...μn φ{μ1...μn, ν1...νn}]ν1...νn  φ{ν1...νn, ν1...νn})
4241  apply (rule "cqt-basic:14"[where 'a='a, THEN "→E"])
4242  using "beta-C-meta" "∀I" by fast
4243
4244AOT_theorem "beta-C-cor:2":
4245  μ1...μn φ{μ1...μn}] 
4246   ν1...∀νn (μ1...μn φ{μ1...μn}]ν1...νn  φ{ν1...νn})
4247  apply (rule "→I"; rule "∀I")
4248  using "beta-C-meta"[THEN "→E"] by fast
4249
4250(* TODO: syntax *)
4251theorem "beta-C-cor:3":
4252  assumes ν1νn. AOT_instance_of_cqt_2 (φ (AOT_term_of_var ν1νn))
4253  shows [v  ν1...∀νn (μ1...μn φ{ν1...νn, μ1...μn}]ν1...νn 
4254                         φ{ν1...νn, ν1...νn})]
4255  using "cqt:2[lambda]"[axiom_inst, OF assms]
4256        "beta-C-cor:1"[THEN "→E"] "∀I" by fast
4257
4258AOT_theorem "betaC:1:a": μ1...μn φ{μ1...μn}]κ1...κn  φ{κ1...κn}
4259proof -
4260  AOT_modally_strict {
4261    AOT_assume μ1...μn φ{μ1...μn}]κ1...κn
4262    moreover AOT_have μ1...μn φ{μ1...μn}] and κ1...κn
4263      using calculation "cqt:5:a"[axiom_inst, THEN "→E"] "&E" by blast+
4264    ultimately AOT_show φ{κ1...κn}
4265      using "beta-C-cor:2"[THEN "→E", THEN "∀E"(1), THEN "≡E"(1)] by blast
4266  }
4267qed
4268
4269AOT_theorem "betaC:1:b": ¬φ{κ1...κn}  ¬μ1...μn φ{μ1...μn}]κ1...κn
4270  using "betaC:1:a" "raa-cor:3" by blast
4271
4272lemmas "β→C" = "betaC:1:a" "betaC:1:b"
4273
4274AOT_theorem "betaC:2:a":
4275  μ1...μn φ{μ1...μn}], κ1...κn, φ{κ1...κn} 
4276   μ1...μn φ{μ1...μn}]κ1...κn
4277proof -
4278  AOT_modally_strict {
4279    AOT_assume 1: μ1...μn φ{μ1...μn}]
4280           and 2: κ1...κn
4281           and 3: φ{κ1...κn}
4282    AOT_hence μ1...μn φ{μ1...μn}]κ1...κn
4283      using "beta-C-cor:2"[THEN "→E", OF 1, THEN "∀E"(1), THEN "≡E"(2)]
4284      by blast
4285  }
4286  AOT_thus μ1...μn φ{μ1...μn}], κ1...κn, φ{κ1...κn} 
4287            μ1...μn φ{μ1...μn}]κ1...κn
4288    by blast
4289qed
4290
4291AOT_theorem "betaC:2:b":
4292  μ1...μn φ{μ1...μn}], κ1...κn, ¬μ1...μn φ{μ1...μn}]κ1...κn 
4293   ¬φ{κ1...κn}
4294  using "betaC:2:a" "raa-cor:3" by blast
4295
4296lemmas "β←C" = "betaC:2:a" "betaC:2:b"
4297
4298AOT_theorem "eta-conversion-lemma1:1": Π  x1...xn [Π]x1...xn] = Π
4299  using "lambda-predicates:3"[axiom_inst] "∀I" "∀E"(1) "→I" by fast
4300
4301(* Note: generalized alphabetic variant of the last theorem *)
4302AOT_theorem "eta-conversion-lemma1:2": Π  ν1...νn [Π]ν1...νn] = Π
4303  using "eta-conversion-lemma1:1".
4304
4305text‹Note: not explicitly part of PLM.›
4306AOT_theorem id_sym:
4307  assumes τ = τ'
4308  shows τ' = τ
4309  using "rule=E"[where φ="λ τ' . «τ' = τ»", rotated 1, OF assms]
4310        "=I"(1)[OF "t=t-proper:1"[THEN "→E", OF assms]] by auto
4311declare id_sym[sym]
4312
4313text‹Note: not explicitly part of PLM.›
4314AOT_theorem id_trans:
4315  assumes τ = τ' and τ' = τ''
4316  shows τ = τ''
4317  using "rule=E" assms by blast
4318declare id_trans[trans]
4319
4320method "ηC" for Π :: <'a::{AOT_Term_id_2,AOT_κs}> =
4321  (match conclusion in "[v  τ{Π} = τ'{Π}]" for v τ τ'  4322   rule "rule=E"[rotated 1, OF "eta-conversion-lemma1:2"
4323    [THEN "→E", of v "«[Π]»", symmetric]])
4324(*
4325AOT_theorem ‹[λy [λz [P]z]y → [λu [S]u]y] = [λy [P]y → [S]y]›
4326  apply ("ηC" "«[P]»") defer
4327   apply ("ηC" "«[S]»") defer
4328  oops
4329*)
4330(* TODO: proper representation of eta_conversion_lemma2 *)
4331
4332AOT_theorem "sub-des-lam:1":
4333  z1...zn  χ{z1...zn, ιx φ{x}}] & ιx φ{x} = ιx ψ{x} 
4334   z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, ιx ψ{x}}]
4335proof(rule "→I")
4336  AOT_assume A: z1...zn  χ{z1...zn, ιx φ{x}}] & ιx φ{x} = ιx ψ{x}
4337  AOT_show z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, ιx ψ{x}}]
4338    using "rule=E"[where φ="λ τ . «z1...zn χ{z1...zn, ιx φ{x}}] =
4339                                   z1...zn χ{z1...zn, τ}]»",
4340               OF "=I"(1)[OF A[THEN "&E"(1)]], OF A[THEN "&E"(2)]]
4341    by blast
4342qed
4343
4344AOT_theorem "sub-des-lam:2":
4345  ιx φ{x} = ιx ψ{x}  χ{ιx φ{x}} = χ{ιx ψ{x}} for χ :: ‹κ  𝗈›
4346  using "rule=E"[where φ="λ τ . «χ{ιx φ{x}} = χ{τ}»",
4347                 OF "=I"(1)[OF "log-prop-prop:2"]] "→I" by blast
4348
4349AOT_theorem "prop-equiv": F = G  x (x[F]  x[G])
4350proof(rule "≡I"; rule "→I")
4351  AOT_assume F = G
4352  AOT_thus x (x[F]  x[G])
4353    by (rule "rule=E"[rotated]) (fact "oth-class-taut:3:a"[THEN GEN])
4354next
4355  AOT_assume x (x[F]  x[G])
4356  AOT_hence x[F]  x[G] for x
4357    using "∀E" by blast
4358  AOT_hence (x[F]  x[G]) for x
4359    using "en-eq:6[1]"[THEN "≡E"(1)] by blast
4360  AOT_hence x (x[F]  x[G])
4361    by (rule GEN)
4362  AOT_hence x (x[F]  x[G])
4363    using BF[THEN "→E"] by fast
4364  AOT_thus "F = G"
4365    using "p-identity-thm2:1"[THEN "≡E"(2)] by blast
4366qed
4367
4368AOT_theorem "relations:1":
4369  assumes INSTANCE_OF_CQT_2(φ)
4370  shows F x1...∀xn ([F]x1...xn  φ{x1...xn})
4371  apply (rule "∃I"(1)[where τ="«x1...xn φ{x1...xn}]»"])
4372  using "cqt:2[lambda]"[OF assms, axiom_inst]
4373        "beta-C-cor:2"[THEN "→E", THEN RN] by blast+
4374
4375AOT_theorem "relations:2":
4376  assumes INSTANCE_OF_CQT_2(φ)
4377  shows F x ([F]x  φ{x})
4378  using "relations:1" assms by blast
4379
4380AOT_theorem "block-paradox:1": ¬x G (x[G] & ¬[G]x)]
4381proof(rule "raa-cor:2")
4382  let ?K="«x G (x[G] & ¬[G]x)]»"
4383  AOT_assume A: «?K»
4384  AOT_have x (A!x & F (x[F]  F = «?K»))
4385    using "A-objects"[axiom_inst] by fast
4386  then AOT_obtain a where ξ: A!a & F (a[F]  F = «?K»)
4387    using "∃E"[rotated] by blast
4388  AOT_show p & ¬p for p
4389  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4390    AOT_assume B: [«?K»]a
4391    AOT_hence G (a[G] & ¬[G]a)
4392      using "β→C" A by blast
4393    then AOT_obtain P where a[P] & ¬[P]a
4394      using "∃E"[rotated] by blast
4395    moreover AOT_have P = [«?K»]
4396      using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)]
4397            calculation[THEN "&E"(1)] by blast
4398    ultimately AOT_have ¬[«?K»]a
4399      using "rule=E" "&E"(2) by fast
4400    AOT_thus p & ¬p
4401      using B RAA by blast
4402  next
4403    AOT_assume B: ¬[«?K»]a
4404    AOT_hence ¬G (a[G] & ¬[G]a)
4405      using "β←C" "cqt:2[const_var]"[of a, axiom_inst] A by blast
4406    AOT_hence C: G ¬(a[G] & ¬[G]a)
4407      using "cqt-further:4"[THEN "→E"] by blast
4408    AOT_have G (a[G]  [G]a)
4409      by (AOT_subst a[G]  [G]a ¬(a[G] & ¬[G]a) for: G)
4410         (auto simp: "oth-class-taut:1:a" C)
4411    AOT_hence a[«?K»]  [«?K»]a
4412      using "∀E" A by blast
4413    moreover AOT_have a[«?K»]
4414      using ξ[THEN "&E"(2), THEN "∀E"(1), OF A, THEN "≡E"(2)]
4415      using "=I"(1)[OF A] by blast
4416    ultimately AOT_show p & ¬p
4417      using B "→E" RAA by blast
4418  qed
4419qed
4420
4421AOT_theorem "block-paradox:2": ¬F x([F]x  G(x[G] & ¬[G]x))
4422proof(rule RAA(2))
4423  AOT_assume F x ([F]x  G (x[G] & ¬[G]x))
4424  then AOT_obtain F where F_prop: x ([F]x  G (x[G] & ¬[G]x))
4425    using "∃E"[rotated] by blast
4426  AOT_have x (A!x & G (x[G]  G = F))
4427    using "A-objects"[axiom_inst] by fast
4428  then AOT_obtain a where ξ: A!a & G (a[G]  G = F)
4429    using "∃E"[rotated] by blast
4430  AOT_show ¬F x([F]x  G(x[G] & ¬[G]x))
4431  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4432    AOT_assume B: [F]a
4433    AOT_hence G (a[G] & ¬[G]a)
4434      using F_prop[THEN "∀E"(2), THEN "≡E"(1)] by blast
4435    then AOT_obtain P where a[P] & ¬[P]a
4436      using "∃E"[rotated] by blast
4437    moreover AOT_have P = F
4438      using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)]
4439            calculation[THEN "&E"(1)] by blast
4440    ultimately AOT_have ¬[F]a
4441      using "rule=E" "&E"(2) by fast
4442    AOT_thus ¬F x([F]x  G(x[G] & ¬[G]x))
4443      using B RAA by blast
4444  next
4445    AOT_assume B: ¬[F]a
4446    AOT_hence ¬G (a[G] & ¬[G]a)
4447      using "oth-class-taut:4:b"[THEN "≡E"(1),
4448              OF F_prop[THEN "∀E"(2)[of _ _ a]], THEN "≡E"(1)]
4449      by simp
4450    AOT_hence C: G ¬(a[G] & ¬[G]a)
4451      using "cqt-further:4"[THEN "→E"] by blast
4452    AOT_have G (a[G]  [G]a)
4453      by (AOT_subst a[G]  [G]a ¬(a[G] & ¬[G]a) for: G)
4454         (auto simp: "oth-class-taut:1:a" C)
4455    AOT_hence a[F]  [F]a
4456      using "∀E" by blast
4457    moreover AOT_have a[F]
4458      using ξ[THEN "&E"(2), THEN "∀E"(2), of F, THEN "≡E"(2)]
4459      using "=I"(2) by blast
4460    ultimately AOT_show ¬F x([F]x  G(x[G] & ¬[G]x))
4461      using B "→E" RAA by blast
4462  qed
4463qed(simp)
4464
4465AOT_theorem "block-paradox:3": ¬y z z = y]
4466proof(rule RAA(2))
4467  AOT_assume θ: y z z = y]
4468  AOT_have x (A!x & F (x[F]  y(F = z z = y] & ¬y[F])))
4469    using "A-objects"[axiom_inst] by force
4470  then AOT_obtain a where
4471    a_prop: A!a & F (a[F]  y (F = z z = y] & ¬y[F]))
4472    using "∃E"[rotated] by blast
4473  AOT_have ζ: az z = a]  y (z z = a] = z z = y] & ¬yz z = a])
4474    using θ[THEN "∀E"(2)] a_prop[THEN "&E"(2), THEN "∀E"(1)] by blast
4475  AOT_show ¬y z z = y]
4476  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4477    AOT_assume A: az z = a]
4478    AOT_hence y (z z = a] = z z = y] & ¬yz z = a])
4479      using ζ[THEN "≡E"(1)] by blast
4480    then AOT_obtain b where b_prop: z z = a] = z z = b] & ¬bz z = a]
4481      using "∃E"[rotated] by blast
4482    moreover AOT_have a = a by (rule "=I")
4483    moreover AOT_have z z = a] using θ "∀E" by blast
4484    moreover AOT_have a using "cqt:2[const_var]"[axiom_inst] .
4485    ultimately AOT_have z z = a]a using "β←C" by blast
4486    AOT_hence z z = b]a using "rule=E" b_prop[THEN "&E"(1)] by fast
4487    AOT_hence a = b using "β→C" by blast
4488    AOT_hence bz z = a] using A "rule=E" by fast
4489    AOT_thus ¬y z z = y] using b_prop[THEN "&E"(2)] RAA by blast
4490  next
4491    AOT_assume A: ¬az z = a]
4492    AOT_hence ¬y (z z = a] = z z = y] & ¬yz z = a])
4493      using ζ "oth-class-taut:4:b"[THEN "≡E"(1), THEN "≡E"(1)] by blast
4494    AOT_hence y ¬(z z = a] = z z = y] & ¬yz z = a])
4495      using "cqt-further:4"[THEN "→E"] by blast
4496    AOT_hence ¬(z z = a] = z z = a] & ¬az z = a])
4497      using "∀E" by blast
4498    AOT_hence z z = a] = z z = a]  az z = a]
4499      by (metis "&I" "deduction-theorem" "raa-cor:4")
4500    AOT_hence az z = a] using "=I"(1) θ[THEN "∀E"(2)] "→E" by blast
4501    AOT_thus ¬y z z = y] using A RAA by blast
4502  qed
4503qed(simp)
4504
4505AOT_theorem "block-paradox:4": ¬y F x([F]x  x = y)
4506proof(rule RAA(2))
4507  AOT_assume θ: y F x([F]x  x = y)
4508  AOT_have x (A!x & F (x[F]  z (y([F]y  y = z) & ¬z[F])))
4509    using "A-objects"[axiom_inst] by force
4510  then AOT_obtain a where
4511    a_prop: A!a & F (a[F]  z (y([F]y  y = z) & ¬z[F]))
4512    using "∃E"[rotated] by blast
4513  AOT_obtain F where F_prop: x ([F]x  x = a)
4514    using θ[THEN "∀E"(2)] "∃E"[rotated] by blast
4515  AOT_have ζ: a[F]  z (y ([F]y  y = z) & ¬z[F])
4516    using a_prop[THEN "&E"(2), THEN "∀E"(2)] by blast
4517  AOT_show ¬y F x([F]x  x = y)
4518  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4519    AOT_assume A: a[F]
4520    AOT_hence z (y ([F]y  y = z) & ¬z[F])
4521      using ζ[THEN "≡E"(1)] by blast
4522    then AOT_obtain b where b_prop: y ([F]y  y = b) & ¬b[F]
4523      using "∃E"[rotated] by blast
4524    moreover AOT_have [F]a
4525      using F_prop[THEN "∀E"(2), THEN "≡E"(2)] "=I"(2) by blast
4526    ultimately AOT_have a = b
4527      using "∀E"(2) "≡E"(1) "&E" by fast
4528    AOT_hence a = b
4529      using "β→C" by blast
4530    AOT_hence b[F]
4531      using A "rule=E" by fast
4532    AOT_thus ¬y F x([F]x  x = y)
4533      using b_prop[THEN "&E"(2)] RAA by blast
4534  next
4535    AOT_assume A: ¬a[F]
4536    AOT_hence ¬z (y ([F]y  y = z) & ¬z[F])
4537      using ζ "oth-class-taut:4:b"[THEN "≡E"(1), THEN "≡E"(1)] by blast
4538    AOT_hence z ¬(y ([F]y  y = z) & ¬z[F])
4539      using "cqt-further:4"[THEN "→E"] by blast
4540    AOT_hence ¬(y ([F]y  y = a) & ¬a[F])
4541      using "∀E" by blast
4542    AOT_hence y ([F]y  y = a)  a[F]
4543      by (metis "&I" "deduction-theorem" "raa-cor:4")
4544    AOT_hence a[F] using F_prop "→E" by blast
4545    AOT_thus ¬y F x([F]x  x = y)
4546      using A RAA by blast
4547  qed
4548qed(simp)
4549
4550AOT_theorem "block-paradox:5": ¬Fxy([F]xy  y = x)
4551proof(rule "raa-cor:2")
4552  AOT_assume Fxy([F]xy  y = x)
4553  then AOT_obtain F where F_prop: xy([F]xy  y = x)
4554    using "∃E"[rotated] by blast
4555  {
4556    fix x
4557    AOT_have 1: y([F]xy  y = x)
4558      using F_prop "∀E" by blast
4559    AOT_have 2: z [F]xz] by "cqt:2"
4560    moreover AOT_have y(z [F]xz]y  y = x)
4561    proof(rule "∀I")
4562      fix y
4563      AOT_have z [F]xz]y  [F]xy
4564        using "beta-C-meta"[THEN "→E"] 2 by fast
4565      also AOT_have ...  y = x
4566        using 1 "∀E" by fast
4567      finally AOT_show z [F]xz]y  y = x.
4568    qed
4569    ultimately AOT_have Fy([F]y  y = x)
4570      using "∃I" by fast
4571  }
4572  AOT_hence xFy([F]y  y = x)
4573    by (rule GEN)
4574  AOT_thus xFy([F]y  y = x) & ¬xFy([F]y  y = x)
4575    using "&I" "block-paradox:4" by blast
4576qed
4577
4578AOT_act_theorem "block-paradox2:1":
4579  x [G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4580proof(rule "→I"; rule "raa-cor:2")
4581  AOT_assume antecedant: x [G]x
4582  AOT_have Lemma: x ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x))
4583  proof(rule GEN)
4584    fix x
4585    AOT_have A: [G]ιy (y = x & H (x[H] & ¬[H]x)) 
4586                 ∃!y (y = x & H (x[H] & ¬[H]x))
4587    proof(rule "≡I"; rule "→I")
4588      AOT_assume [G]ιy (y = x & H (x[H] & ¬[H]x))
4589      AOT_hence ιy (y = x & H (x[H] & ¬[H]x))
4590        using "cqt:5:a"[axiom_inst, THEN "→E", THEN "&E"(2)] by blast
4591      AOT_thus ∃!y (y = x & H (x[H] & ¬[H]x))
4592        using "!-exists:1"[THEN "≡E"(1)] by blast
4593    next
4594      AOT_assume A: ∃!y (y = x & H (x[H] & ¬[H]x))
4595      AOT_obtain a where a_1: a = x & H (x[H] & ¬[H]x)
4596                     and a_2: z (z = x & H (x[H] & ¬[H]x)  z = a)
4597        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
4598      AOT_have a_3: [G]a
4599        using antecedant "∀E" by blast
4600      AOT_show [G]ιy (y = x & H (x[H] & ¬[H]x))
4601        apply (rule "russell-axiom[exe,1].russell-axiom"[THEN "≡E"(2)])
4602        apply (rule "∃I"(2))
4603        using a_1 a_2 a_3 "&I" by blast
4604    qed
4605    also AOT_have B: ...  H (x[H] & ¬[H]x)
4606    proof (rule "≡I"; rule "→I")
4607      AOT_assume A: ∃!y (y = x & H (x[H] & ¬[H]x))
4608      AOT_obtain a where a = x & H (x[H] & ¬[H]x)
4609        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
4610      AOT_thus H (x[H] & ¬[H]x) using "&E" by blast
4611    next
4612      AOT_assume H (x[H] & ¬[H]x)
4613      AOT_hence x = x & H (x[H] & ¬[H]x)
4614        using "id-eq:1" "&I" by blast
4615      moreover AOT_have z (z = x & H (x[H] & ¬[H]x)  z = x)
4616        by (simp add: "Conjunction Simplification"(1) "universal-cor")
4617      ultimately AOT_show ∃!y (y = x & H (x[H] & ¬[H]x))
4618        using "uniqueness:1"[THEN "≡dfI"] "&I" "∃I"(2) by fast
4619    qed
4620    finally AOT_show ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x)) .
4621  qed
4622
4623  AOT_assume A: x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4624  AOT_have θ: x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x 
4625                   [G]ιy(y = x & H (x[H] & ¬[H]x)))
4626    using "beta-C-meta"[THEN "→E", OF A] "∀I" by fast
4627  AOT_have x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x  H (x[H] & ¬[H]x))
4628    using θ Lemma "cqt-basic:10"[THEN "→E"] "&I" by fast
4629  AOT_hence F x ([F]x  H (x[H] & ¬[H]x))
4630    using "∃I"(1) A by fast
4631  AOT_thus (F x ([F]x  H (x[H] & ¬[H]x))) &
4632            (¬F x ([F]x  H (x[H] & ¬[H]x)))
4633    using "block-paradox:2" "&I" by blast
4634qed
4635
4636text‹Note: Strengthens the above to a modally-strict theorem.
4637           Not explicitly part of PLM.›
4638AOT_theorem "block-paradox2:1[strict]":
4639  x 𝒜[G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4640proof(rule "→I"; rule "raa-cor:2")
4641  AOT_assume antecedant: x 𝒜[G]x
4642  AOT_have Lemma: 𝒜x ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x))
4643  proof(safe intro!: GEN "Act-Basic:5"[THEN "≡E"(2)]
4644                     "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)])
4645    fix x
4646    AOT_have A: 𝒜[G]ιy (y = x & H (x[H] & ¬[H]x)) 
4647                 ∃!y 𝒜(y = x & H (x[H] & ¬[H]x))
4648    proof(rule "≡I"; rule "→I")
4649      AOT_assume 𝒜[G]ιy (y = x & H (x[H] & ¬[H]x))
4650      moreover AOT_have ([G]ιy (y = x & H (x[H] & ¬[H]x)) 
4651                                  ιy (y = x & H (x[H] & ¬[H]x)))
4652      proof(rule RN; rule "→I")
4653        AOT_modally_strict {
4654          AOT_assume [G]ιy (y = x & H (x[H] & ¬[H]x))
4655          AOT_hence ιy (y = x & H (x[H] & ¬[H]x))
4656            using "cqt:5:a"[axiom_inst, THEN "→E", THEN "&E"(2)] by blast
4657          AOT_thus ιy (y = x & H (x[H] & ¬[H]x))
4658            using "exist-nec"[THEN "→E"] by blast
4659        }
4660      qed
4661      ultimately AOT_have 𝒜ιy (y = x & H (x[H] & ¬[H]x))
4662        using "act-cond"[THEN "→E", THEN "→E"] "nec-imp-act"[THEN "→E"] by blast
4663      AOT_hence ιy (y = x & H (x[H] & ¬[H]x))
4664        using "Act-Sub:3" "B◇" "vdash-properties:10" by blast
4665      AOT_thus ∃!y 𝒜(y = x & H (x[H] & ¬[H]x))
4666        using "actual-desc:1"[THEN "≡E"(1)] by blast
4667    next
4668      AOT_assume A: ∃!y 𝒜(y = x & H (x[H] & ¬[H]x))
4669      AOT_obtain a where a_1: 𝒜(a = x & H (x[H] & ¬[H]x))
4670                     and a_2: z (𝒜(z = x & H (x[H] & ¬[H]x))  z = a)
4671        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
4672      AOT_have a_3: 𝒜[G]a
4673        using antecedant "∀E" by blast
4674      moreover AOT_have a = ιy(y = x & H (x[H] & ¬[H]x))
4675        using "nec-hintikka-scheme"[THEN "≡E"(2), OF "&I"] a_1 a_2 by auto
4676      ultimately AOT_show 𝒜[G]ιy (y = x & H (x[H] & ¬[H]x))
4677        using "rule=E" by fast
4678    qed
4679    also AOT_have B: ...  𝒜H (x[H] & ¬[H]x)
4680    proof (rule "≡I"; rule "→I")
4681      AOT_assume A: ∃!y 𝒜(y = x & H (x[H] & ¬[H]x))
4682      AOT_obtain a where 𝒜(a = x & H (x[H] & ¬[H]x))
4683        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
4684      AOT_thus 𝒜H (x[H] & ¬[H]x)
4685        using "Act-Basic:2"[THEN "≡E"(1), THEN "&E"(2)] by blast
4686    next
4687      AOT_assume 𝒜H (x[H] & ¬[H]x)
4688      AOT_hence 𝒜x = x & 𝒜H (x[H] & ¬[H]x)
4689        using "id-eq:1" "&I" "RA[2]" by blast
4690      AOT_hence 𝒜(x = x & H (x[H] & ¬[H]x))
4691        using "act-conj-act:3" "Act-Basic:2" "≡E" by blast
4692      moreover AOT_have z (𝒜(z = x & H (x[H] & ¬[H]x))  z = x)
4693      proof(safe intro!: GEN "→I")
4694        fix z
4695        AOT_assume 𝒜(z = x & H (x[H] & ¬[H]x))
4696        AOT_hence 𝒜(z = x)
4697          using "Act-Basic:2"[THEN "≡E"(1), THEN "&E"(1)] by blast
4698        AOT_thus z = x
4699           by (metis "id-act:1" "intro-elim:3:b")
4700      qed
4701      ultimately AOT_show ∃!y 𝒜(y = x & H (x[H] & ¬[H]x))
4702        using "uniqueness:1"[THEN "≡dfI"] "&I" "∃I"(2) by fast
4703    qed
4704    finally AOT_show (𝒜[G]ιy(y = x & H (x[H] & ¬[H]x))  𝒜H (x[H] & ¬[H]x)).
4705  qed
4706
4707  AOT_assume A: x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4708  AOT_hence 𝒜x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4709    using "exist-nec" "→E" "nec-imp-act"[THEN "→E"] by blast
4710  AOT_hence 𝒜(x [G]ιy (y = x & H (x[H] & ¬[H]x))] &
4711                x ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x)))
4712    using Lemma "Act-Basic:2"[THEN "≡E"(2)] "&I" by blast
4713  moreover AOT_have 𝒜(x [G]ιy (y = x & H (x[H] & ¬[H]x))] &
4714                x ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x)))
4715       𝒜p (p & ¬p)
4716  proof (rule "logic-actual-nec:2"[axiom_inst, THEN "≡E"(1)];
4717         rule "RA[2]"; rule "→I")
4718    AOT_modally_strict {
4719      AOT_assume 0: x [G]ιy (y = x & H (x[H] & ¬[H]x))] &
4720                x ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x))
4721      AOT_have F x ([F]x  G (x[G] & ¬[G]x))
4722      proof(rule "∃I"(1))
4723        AOT_show x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x  H (x[H] & ¬[H]x))
4724        proof(safe intro!: GEN "≡I" "→I" "β←C" dest!: "β→C")
4725          fix x
4726          AOT_assume [G]ιy(y = x & H (x[H] & ¬[H]x))
4727          AOT_thus H (x[H] & ¬[H]x)
4728            using 0 "&E" "∀E"(2) "≡E"(1) by blast
4729        next
4730          fix x
4731          AOT_assume H (x[H] & ¬[H]x)
4732          AOT_thus [G]ιy(y = x & H (x[H] & ¬[H]x))
4733            using 0 "&E" "∀E"(2) "≡E"(2) by blast
4734        qed(auto intro!: 0[THEN "&E"(1)] "cqt:2")
4735      next
4736        AOT_show x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4737          using 0 "&E"(1) by blast
4738      qed
4739      AOT_thus p (p & ¬p)
4740        using "block-paradox:2" "reductio-aa:1" by blast
4741    }
4742  qed
4743  ultimately AOT_have 𝒜p (p & ¬p)
4744    using "→E" by blast
4745  AOT_hence p 𝒜(p & ¬p)
4746    by (metis "Act-Basic:10" "intro-elim:3:a")
4747  then AOT_obtain p where 𝒜(p & ¬p)
4748    using "∃E"[rotated] by blast
4749  moreover AOT_have ¬𝒜(p & ¬p)
4750    using "non-contradiction"[THEN "RA[2]"]
4751    by (meson "Act-Sub:1" "¬¬I" "intro-elim:3:d")
4752  ultimately AOT_show p & ¬p for p
4753    by (metis "raa-cor:3")
4754qed
4755
4756AOT_act_theorem "block-paradox2:2":
4757  G ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4758proof(rule "∃I"(1))
4759  AOT_have 0: x p (p p)]
4760    by "cqt:2[lambda]"
4761  moreover AOT_have x x p (p p)]x
4762    apply (rule GEN)
4763    apply (rule "beta-C-cor:2"[THEN "→E", OF 0, THEN "∀E"(2), THEN "≡E"(2)])
4764    using "if-p-then-p" GEN by fast
4765  moreover AOT_have G (x [G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))])
4766      using "block-paradox2:1" "∀I" by fast
4767  ultimately AOT_show ¬x x p (p p)]ιy (y = x & H (x[H] & ¬[H]x))]
4768    using "∀E"(1) "→E" by blast
4769qed("cqt:2[lambda]")
4770
4771AOT_theorem propositions: p (p  φ)
4772proof(rule "∃I"(1))
4773  AOT_show (φ  φ)
4774    by (simp add: RN "oth-class-taut:3:a")
4775next
4776  AOT_show φ
4777    by (simp add: "log-prop-prop:2")
4778qed
4779
4780AOT_theorem "pos-not-equiv-ne:1":
4781  (¬x1...∀xn ([F]x1...xn  [G]x1...xn))  F  G
4782proof (rule "→I")
4783  AOT_assume ¬x1...∀xn ([F]x1...xn  [G]x1...xn)
4784  AOT_hence ¬x1...∀xn ([F]x1...xn  [G]x1...xn)
4785    using "KBasic:11"[THEN "≡E"(2)] by blast
4786  AOT_hence ¬(F = G)
4787    using "id-rel-nec-equiv:1" "modus-tollens:1" by blast
4788  AOT_thus F  G
4789    using "=-infix"[THEN "≡dfI"] by blast
4790qed
4791
4792AOT_theorem "pos-not-equiv-ne:2": (¬(φ{F}  φ{G}))  F  G
4793proof (rule "→I")
4794  AOT_modally_strict {
4795    AOT_have ¬(φ{F}  φ{G})  ¬(F = G)
4796    proof (rule "→I"; rule "raa-cor:2")
4797      AOT_assume 1: F = G
4798      AOT_hence φ{F}  φ{G}
4799        using "l-identity"[axiom_inst, THEN "→E"] by blast
4800      moreover {
4801        AOT_have G = F
4802          using 1 id_sym by blast
4803        AOT_hence φ{G}  φ{F}
4804          using "l-identity"[axiom_inst, THEN "→E"] by blast
4805      }
4806      ultimately AOT_have φ{F}  φ{G}
4807        using "≡I" by blast
4808      moreover AOT_assume ¬(φ{F}  φ{G})
4809      ultimately AOT_show (φ{F}  φ{G}) & ¬(φ{F}  φ{G})
4810        using "&I" by blast
4811    qed
4812  }
4813  AOT_hence ¬(φ{F}  φ{G})  ¬(F = G)
4814    using "RM:2[prem]" by blast
4815  moreover AOT_assume ¬(φ{F}  φ{G})
4816  ultimately AOT_have 0: ¬(F = G) using "→E" by blast
4817  AOT_have (F  G)
4818    by (AOT_subst F  G ¬(F = G))
4819       (auto simp: "=-infix" "≡Df" 0)
4820  AOT_thus F  G
4821    using "id-nec2:3"[THEN "→E"] by blast
4822qed
4823
4824AOT_theorem "pos-not-equiv-ne:2[zero]": (¬(φ{p}  φ{q}))  p  q
4825proof (rule "→I")
4826  AOT_modally_strict {
4827    AOT_have ¬(φ{p}  φ{q})  ¬(p = q)
4828    proof (rule "→I"; rule "raa-cor:2")
4829      AOT_assume 1: p = q
4830      AOT_hence φ{p}  φ{q}
4831        using "l-identity"[axiom_inst, THEN "→E"] by blast
4832      moreover {
4833        AOT_have q = p
4834          using 1 id_sym by blast
4835        AOT_hence φ{q}  φ{p}
4836          using "l-identity"[axiom_inst, THEN "→E"] by blast
4837      }
4838      ultimately AOT_have φ{p}  φ{q}
4839        using "≡I" by blast
4840      moreover AOT_assume ¬(φ{p}  φ{q})
4841      ultimately AOT_show (φ{p}  φ{q}) & ¬(φ{p}  φ{q})
4842        using "&I" by blast
4843    qed
4844  }
4845  AOT_hence ¬(φ{p}  φ{q})  ¬(p = q)
4846    using "RM:2[prem]" by blast
4847  moreover AOT_assume ¬(φ{p}  φ{q})
4848  ultimately AOT_have 0: ¬(p = q) using "→E" by blast
4849  AOT_have (p  q)
4850    by (AOT_subst p  q ¬(p = q))
4851       (auto simp: 0 "=-infix" "≡Df")
4852  AOT_thus p  q
4853    using "id-nec2:3"[THEN "→E"] by blast
4854qed
4855
4856AOT_theorem "pos-not-equiv-ne:3":
4857  (¬x1...∀xn ([F]x1...xn  [G]x1...xn))  F  G
4858  using "→I" "pos-not-equiv-ne:1"[THEN "→E"] "T◇"[THEN "→E"] by blast
4859
4860AOT_theorem "pos-not-equiv-ne:4": (¬(φ{F}  φ{G}))  F  G
4861  using "→I" "pos-not-equiv-ne:2"[THEN "→E"] "T◇"[THEN "→E"] by blast
4862
4863AOT_theorem "pos-not-equiv-ne:4[zero]": (¬(φ{p}  φ{q}))  p  q
4864  using "→I" "pos-not-equiv-ne:2[zero]"[THEN "→E"]
4865        "T◇"[THEN "→E"] by blast
4866
4867AOT_define relation_negation ::  Π" ("_-")
4868  "df-relation-negation": "[F]- =df x1...xn ¬[F]x1...xn]"
4869
4870nonterminal φneg
4871syntax "" :: "φneg  τ" ("_")
4872syntax "" :: "φneg  φ" ("'(_')")
4873
4874AOT_define relation_negation_0 :: ‹φ  φneg› ("'(_')-")
4875  "df-relation-negation[zero]": "(p)- =df  ¬p]"
4876
4877AOT_theorem "rel-neg-T:1": x1...xn ¬[Π]x1...xn]
4878  by "cqt:2[lambda]"
4879
4880AOT_theorem "rel-neg-T:1[zero]":  ¬φ]
4881  using "cqt:2[lambda0]"[axiom_inst] by blast
4882
4883AOT_theorem "rel-neg-T:2": [Π]- = x1...xn ¬[Π]x1...xn]
4884  using "=I"(1)[OF "rel-neg-T:1"]
4885  by (rule "=dfI"(1)[OF "df-relation-negation", OF "rel-neg-T:1"])
4886
4887AOT_theorem "rel-neg-T:2[zero]": (φ)- =  ¬φ]
4888  using "=I"(1)[OF "rel-neg-T:1[zero]"]
4889  by (rule "=dfI"(1)[OF "df-relation-negation[zero]", OF "rel-neg-T:1[zero]"])
4890
4891AOT_theorem "rel-neg-T:3": [Π]-
4892  using "=dfI"(1)[OF "df-relation-negation", OF "rel-neg-T:1"]
4893        "rel-neg-T:1" by blast
4894
4895AOT_theorem "rel-neg-T:3[zero]": (φ)-
4896  using "log-prop-prop:2" by blast
4897
4898(* Note: PLM states the zero place case twice *)
4899AOT_theorem "thm-relation-negation:1": [F]-x1...xn  ¬[F]x1...xn
4900proof -
4901  AOT_have [F]-x1...xn  x1...xn ¬[F]x1...xn]x1...xn
4902    using "rule=E"[rotated, OF "rel-neg-T:2"]
4903          "rule=E"[rotated, OF "rel-neg-T:2"[THEN id_sym]]
4904          "→I" "≡I" by fast
4905  also AOT_have ...  ¬[F]x1...xn
4906    using "beta-C-meta"[THEN "→E", OF "rel-neg-T:1"] by fast
4907  finally show ?thesis.
4908qed
4909
4910AOT_theorem "thm-relation-negation:2": ¬[F]-x1...xn  [F]x1...xn
4911  apply (AOT_subst [F]x1...xn ¬¬[F]x1...xn)
4912   apply (simp add: "oth-class-taut:3:b")
4913  apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
4914  using "thm-relation-negation:1".
4915
4916AOT_theorem "thm-relation-negation:3": ((p)-)  ¬p
4917proof -
4918  AOT_have (p)- =  ¬p] using "rel-neg-T:2[zero]" by blast
4919  AOT_hence ((p)-)   ¬p]
4920    using "df-relation-negation[zero]" "log-prop-prop:2"
4921          "oth-class-taut:3:a" "rule-id-df:2:a" by blast
4922  also AOT_have  ¬p]  ¬p
4923    by (simp add: "propositions-lemma:2")
4924  finally show ?thesis.
4925qed
4926
4927AOT_theorem "thm-relation-negation:4": (¬((p)-))  p
4928  using "thm-relation-negation:3"[THEN "≡E"(1)]
4929        "thm-relation-negation:3"[THEN "≡E"(2)]
4930        "≡I" "→I" RAA by metis
4931
4932AOT_theorem "thm-relation-negation:5": [F]  [F]-
4933proof -
4934  AOT_have ¬([F] = [F]-)
4935  proof (rule RAA(2))
4936    AOT_show [F]x1...xn  [F]x1...xn for x1xn
4937      using "if-p-then-p".
4938  next
4939    AOT_assume [F] = [F]-
4940    AOT_hence [F]- = [F] using id_sym by blast
4941    AOT_hence [F]x1...xn  ¬[F]x1...xn for x1xn
4942      using "rule=E" "thm-relation-negation:1" by fast
4943    AOT_thus ¬([F]x1...xn  [F]x1...xn) for x1xn
4944      using "≡E" RAA by metis
4945  qed
4946  thus ?thesis
4947    using "≡dfI" "=-infix" by blast
4948qed
4949
4950AOT_theorem "thm-relation-negation:6": p  (p)-
4951proof -
4952  AOT_have ¬(p = (p)-)
4953  proof (rule RAA(2))
4954    AOT_show p  p
4955      using "if-p-then-p".
4956  next
4957    AOT_assume p = (p)-
4958    AOT_hence (p)- = p using id_sym by blast
4959    AOT_hence p  ¬p
4960      using "rule=E" "thm-relation-negation:3" by fast
4961    AOT_thus ¬(p  p)
4962      using "≡E" RAA by metis
4963  qed
4964  thus ?thesis
4965    using "≡dfI" "=-infix" by blast
4966qed
4967
4968AOT_theorem "thm-relation-negation:7": (p)- = (¬p)
4969  apply (rule "df-relation-negation[zero]"[THEN "=dfE"(1)])
4970  using "cqt:2[lambda0]"[axiom_inst] "rel-neg-T:2[zero]"
4971        "propositions-lemma:1" id_trans by blast+
4972
4973AOT_theorem "thm-relation-negation:8": p = q  (¬p) = (¬q)
4974proof(rule "→I")
4975  AOT_assume p = q
4976  moreover AOT_have (¬p) using "log-prop-prop:2".
4977  moreover AOT_have (¬p) = (¬p) using calculation(2) "=I" by blast
4978  ultimately AOT_show (¬p) = (¬q)
4979    using "rule=E" by fast
4980qed
4981
4982AOT_theorem "thm-relation-negation:9": p = q  (p)- = (q)-
4983proof(rule "→I")
4984  AOT_assume p = q
4985  AOT_hence (¬p) = (¬q) using "thm-relation-negation:8" "→E" by blast
4986  AOT_thus (p)- = (q)-
4987    using "thm-relation-negation:7" id_sym id_trans by metis
4988qed
4989
4990AOT_define Necessary :: ‹Π  φ› ("Necessary'(_')")
4991  "contingent-properties:1":
4992  Necessary([F]) df x1...∀xn [F]x1...xn
4993
4994AOT_define Necessary0 :: ‹φ  φ› ("Necessary0'(_')")
4995  "contingent-properties:1[zero]":
4996  Necessary0(p) df p
4997
4998AOT_define Impossible :: ‹Π  φ› ("Impossible'(_')")
4999  "contingent-properties:2":
5000  Impossible([F]) df F & x1...∀xn ¬[F]x1...xn
5001
5002AOT_define Impossible0 :: ‹φ  φ› ("Impossible0'(_')")
5003  "contingent-properties:2[zero]":
5004  Impossible0(p) df ¬p
5005
5006AOT_define NonContingent :: ‹Π  φ› ("NonContingent'(_')")
5007  "contingent-properties:3":
5008  NonContingent([F]) df Necessary([F])  Impossible([F])
5009
5010AOT_define NonContingent0 :: ‹φ  φ› ("NonContingent0'(_')")
5011  "contingent-properties:3[zero]":
5012  NonContingent0(p) df Necessary0(p)  Impossible0(p)
5013
5014AOT_define Contingent :: ‹Π  φ› ("Contingent'(_')")
5015  "contingent-properties:4":
5016  Contingent([F]) df F & ¬(Necessary([F])  Impossible([F]))
5017
5018AOT_define Contingent0 :: ‹φ  φ› ("Contingent0'(_')")
5019  "contingent-properties:4[zero]":
5020  Contingent0(p) df ¬(Necessary0(p)  Impossible0(p))
5021
5022
5023AOT_theorem "thm-cont-prop:1": NonContingent([F])  NonContingent([F]-)
5024proof (rule "≡I"; rule "→I")
5025  AOT_assume NonContingent([F])
5026  AOT_hence Necessary([F])  Impossible([F])
5027    using "≡dfE"[OF "contingent-properties:3"] by blast
5028  moreover {
5029    AOT_assume Necessary([F])
5030    AOT_hence (x1...∀xn [F]x1...xn)
5031      using "≡dfE"[OF "contingent-properties:1"] by blast
5032    moreover AOT_modally_strict {
5033      AOT_assume x1...∀xn [F]x1...xn
5034      AOT_hence [F]x1...xn for x1xn using "∀E" by blast
5035      AOT_hence ¬[F]-x1...xn for x1xn
5036        by (meson "≡E"(6) "oth-class-taut:3:a"
5037                  "thm-relation-negation:2" "≡E"(1))
5038      AOT_hence x1...∀xn ¬[F]-x1...xn using "∀I" by fast
5039    }
5040    ultimately AOT_have (x1...∀xn ¬[F]-x1...xn)
5041      using "RN[prem]"[where Γ="{«x1...∀xn [F]x1...xn»}", simplified] by blast
5042    AOT_hence Impossible([F]-)
5043      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
5044                  OF "rel-neg-T:3", THEN "≡E"(2)]
5045      by blast
5046  }
5047  moreover {
5048    AOT_assume Impossible([F])
5049    AOT_hence (x1...∀xn ¬[F]x1...xn)
5050      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
5051                  OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)]
5052      by blast
5053    moreover AOT_modally_strict {
5054      AOT_assume x1...∀xn ¬[F]x1...xn
5055      AOT_hence ¬[F]x1...xn for x1xn using "∀E" by blast
5056      AOT_hence [F]-x1...xn for x1xn
5057        by (meson "≡E"(6) "oth-class-taut:3:a"
5058                  "thm-relation-negation:1" "≡E"(1))
5059      AOT_hence x1...∀xn [F]-x1...xn using "∀I" by fast
5060    }
5061    ultimately AOT_have (x1...∀xn [F]-x1...xn)
5062      using "RN[prem]"[where Γ="{«x1...∀xn ¬[F]x1...xn»}"] by blast
5063    AOT_hence Necessary([F]-)
5064      using "≡dfI"[OF "contingent-properties:1"] by blast
5065  }
5066  ultimately AOT_have Necessary([F]-)  Impossible([F]-)
5067    using "∨E"(1) "∨I" "→I" by metis
5068  AOT_thus NonContingent([F]-)
5069    using "≡dfI"[OF "contingent-properties:3"] by blast
5070next
5071  AOT_assume NonContingent([F]-)
5072  AOT_hence Necessary([F]-)  Impossible([F]-)
5073    using "≡dfE"[OF "contingent-properties:3"] by blast
5074  moreover {
5075    AOT_assume Necessary([F]-)
5076    AOT_hence (x1...∀xn [F]-x1...xn)
5077      using "≡dfE"[OF "contingent-properties:1"] by blast
5078    moreover AOT_modally_strict {
5079      AOT_assume x1...∀xn [F]-x1...xn
5080      AOT_hence [F]-x1...xn for x1xn using "∀E" by blast
5081      AOT_hence ¬[F]x1...xn for x1xn
5082        by (meson "≡E"(6) "oth-class-taut:3:a"
5083                  "thm-relation-negation:1" "≡E"(2))
5084      AOT_hence x1...∀xn ¬[F]x1...xn using "∀I" by fast
5085    }
5086    ultimately AOT_have x1...∀xn ¬[F]x1...xn
5087      using "RN[prem]"[where Γ="{«x1...∀xn [F]-x1...xn»}"] by blast
5088    AOT_hence Impossible([F])
5089      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
5090                  OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(2)]
5091      by blast
5092  }
5093  moreover {
5094    AOT_assume Impossible([F]-)
5095    AOT_hence (x1...∀xn ¬[F]-x1...xn)
5096      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
5097                  OF "rel-neg-T:3", THEN "≡E"(1)]
5098      by blast
5099    moreover AOT_modally_strict {
5100      AOT_assume x1...∀xn ¬[F]-x1...xn
5101      AOT_hence ¬[F]-x1...xn for x1xn using "∀E" by blast
5102      AOT_hence [F]x1...xn for x1xn 
5103        using "thm-relation-negation:1"[THEN
5104                "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)]
5105              "useful-tautologies:1"[THEN "→E"] by blast
5106      AOT_hence x1...∀xn [F]x1...xn using "∀I" by fast
5107    }
5108    ultimately AOT_have (x1...∀xn [F]x1...xn)
5109      using "RN[prem]"[where Γ="{«x1...∀xn ¬[F]-x1...xn»}"] by blast
5110    AOT_hence Necessary([F])
5111      using "≡dfI"[OF "contingent-properties:1"] by blast
5112  }
5113  ultimately AOT_have Necessary([F])  Impossible([F])
5114    using "∨E"(1) "∨I" "→I" by metis
5115  AOT_thus NonContingent([F])
5116    using "≡dfI"[OF "contingent-properties:3"] by blast
5117qed
5118
5119AOT_theorem "thm-cont-prop:2": Contingent([F])  x [F]x & x ¬[F]x
5120proof -
5121  AOT_have Contingent([F])  ¬(Necessary([F])  Impossible([F]))
5122    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5123                                    OF "cqt:2[const_var]"[axiom_inst]]
5124    by blast
5125  also AOT_have ...  ¬Necessary([F]) & ¬Impossible([F])
5126    using "oth-class-taut:5:d" by fastforce
5127  also AOT_have ...  ¬Impossible([F]) & ¬Necessary([F])
5128    by (simp add: "Commutativity of &")
5129  also AOT_have ...  x [F]x & ¬Necessary([F])
5130  proof (rule "oth-class-taut:4:e"[THEN "→E"])
5131    AOT_have ¬Impossible([F])  ¬¬ x [F]x
5132      apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
5133      apply (AOT_subst x [F]x ¬ x ¬[F]x)
5134       apply (simp add: "conventions:4" "≡Df")
5135      apply (AOT_subst (reverse) ¬¬x ¬[F]x x ¬[F]x)
5136       apply (simp add: "oth-class-taut:3:b")
5137      using "contingent-properties:2"[THEN "≡Df", THEN "≡S"(1),
5138                                      OF "cqt:2[const_var]"[axiom_inst]]
5139      by blast
5140    also AOT_have ...  x [F]x
5141      using "conventions:5"[THEN "≡Df", symmetric] by blast
5142    finally AOT_show ¬Impossible([F])  x [F]x .
5143  qed
5144  also AOT_have ...  x [F]x & x ¬[F]x
5145  proof (rule "oth-class-taut:4:f"[THEN "→E"])
5146    AOT_have ¬Necessary([F])  ¬¬x ¬[F]x
5147      apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
5148      apply (AOT_subst x ¬[F]x ¬ x ¬¬[F]x)
5149       apply (simp add: "conventions:4" "≡Df")
5150      apply (AOT_subst (reverse) ¬¬[F]x [F]x for: x)
5151       apply (simp add: "oth-class-taut:3:b")
5152      apply (AOT_subst (reverse) ¬¬x [F]x x [F]x)
5153      by (auto simp: "oth-class-taut:3:b" "contingent-properties:1" "≡Df")
5154    also AOT_have ...  x ¬[F]x
5155      using "conventions:5"[THEN "≡Df", symmetric] by blast
5156    finally AOT_show ¬Necessary([F])  x ¬[F]x.
5157  qed
5158  finally show ?thesis.
5159qed
5160
5161AOT_theorem "thm-cont-prop:3":
5162  Contingent([F])  Contingent([F]-) for F::<κ> AOT_var›
5163proof -
5164  {
5165    fix Π :: <κ>
5166    AOT_assume Π
5167    moreover AOT_have F (Contingent([F])  x [F]x & x ¬[F]x)
5168      using "thm-cont-prop:2" GEN by fast
5169    ultimately  AOT_have Contingent([Π])  x [Π]x & x ¬[Π]x
5170      using "thm-cont-prop:2" "∀E" by fast
5171  } note 1 = this
5172  AOT_have Contingent([F])  x [F]x & x ¬[F]x
5173    using "thm-cont-prop:2" by blast
5174  also AOT_have ...  x ¬[F]x & x [F]x
5175    by (simp add: "Commutativity of &")
5176  also AOT_have ...  x [F]-x & x [F]x
5177    by (AOT_subst [F]-x ¬[F]x for: x)
5178       (auto simp: "thm-relation-negation:1" "oth-class-taut:3:a")
5179  also AOT_have ...  x [F]-x & x ¬[F]-x
5180    by (AOT_subst (reverse) [F]x ¬[F]-x for: x)
5181       (auto simp: "thm-relation-negation:2" "oth-class-taut:3:a")
5182  also AOT_have ...  Contingent([F]-)
5183    using 1[OF "rel-neg-T:3", symmetric] by blast
5184  finally show ?thesis.
5185qed
5186
5187AOT_define concrete_if_concrete :: ‹Π› ("L")
5188  L_def: L =df x E!x  E!x]
5189
5190AOT_theorem "thm-noncont-e-e:1": Necessary(L)
5191proof -
5192  AOT_modally_strict {
5193    fix x
5194    AOT_have x E!x  E!x] by "cqt:2[lambda]"
5195    moreover AOT_have x using "cqt:2[const_var]"[axiom_inst] by blast
5196    moreover AOT_have E!x  E!x using "if-p-then-p" by blast
5197    ultimately AOT_have x E!x  E!x]x
5198      using "β←C" by blast
5199  }
5200  AOT_hence 0: x x E!x  E!x]x
5201    using RN GEN by blast
5202  show ?thesis
5203    apply (rule "=dfI"(2)[OF L_def])
5204     apply "cqt:2[lambda]"
5205    by (rule "contingent-properties:1"[THEN "≡dfI", OF 0])
5206qed
5207
5208AOT_theorem "thm-noncont-e-e:2": Impossible([L]-)
5209proof -
5210  AOT_modally_strict {
5211    fix x
5212
5213    AOT_have 0: F (¬[F]-x  [F]x)
5214      using "thm-relation-negation:2" GEN by fast
5215    AOT_have ¬x E!x  E!x]-x  x E!x  E!x]x
5216      by (rule 0[THEN "∀E"(1)]) "cqt:2[lambda]"
5217    moreover {
5218      AOT_have x E!x  E!x] by "cqt:2[lambda]"
5219      moreover AOT_have x using "cqt:2[const_var]"[axiom_inst] by blast
5220      moreover AOT_have E!x  E!x using "if-p-then-p" by blast
5221      ultimately AOT_have x E!x  E!x]x
5222        using "β←C" by blast
5223    }
5224    ultimately AOT_have ¬x E!x  E!x]-x
5225      using "≡E" by blast
5226  }
5227  AOT_hence 0: x ¬x E!x  E!x]-x
5228    using RN GEN by fast
5229  show ?thesis
5230    apply (rule "=dfI"(2)[OF L_def])
5231     apply "cqt:2[lambda]"
5232    apply (rule "contingent-properties:2"[THEN "≡dfI"]; rule "&I")
5233     using "rel-neg-T:3"
5234     apply blast
5235    using 0
5236    by blast
5237qed
5238
5239AOT_theorem "thm-noncont-e-e:3": NonContingent(L)
5240  using "thm-noncont-e-e:1"
5241  by (rule "contingent-properties:3"[THEN "≡dfI", OF "∨I"(1)])
5242
5243AOT_theorem "thm-noncont-e-e:4": NonContingent([L]-)
5244proof -
5245  AOT_have 0: F (NonContingent([F])  NonContingent([F]-))
5246    using "thm-cont-prop:1" "∀I" by fast
5247  moreover AOT_have 1: L
5248    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5249  AOT_show NonContingent([L]-)
5250    using "∀E"(1)[OF 0, OF 1, THEN "≡E"(1), OF "thm-noncont-e-e:3"] by blast
5251qed
5252
5253AOT_theorem "thm-noncont-e-e:5":
5254  F G (F  «G::<κ>» & NonContingent([F]) & NonContingent([G]))
5255proof (rule "∃I")+
5256  {
5257    AOT_have F [F]  [F]-
5258      using "thm-relation-negation:5" GEN by fast
5259    moreover AOT_have L
5260      by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5261    ultimately AOT_have L  [L]-
5262      using "∀E" by blast
5263  }
5264  AOT_thus L  [L]- & NonContingent(L) & NonContingent([L]-)
5265    using "thm-noncont-e-e:3" "thm-noncont-e-e:4" "&I" by metis
5266next
5267  AOT_show [L]-
5268    using "rel-neg-T:3" by blast
5269next
5270  AOT_show L
5271      by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5272qed
5273
5274AOT_theorem "lem-cont-e:1": x ([F]x & ¬[F]x)  x (¬[F]x & [F]x)
5275proof -
5276  AOT_have x ([F]x & ¬[F]x)  x ([F]x & ¬[F]x)
5277    using "BF◇" "CBF◇" "≡I" by blast
5278  also AOT_have   x ([F]x &  ¬[F]x)
5279    by (AOT_subst ([F]x & ¬[F]x) [F]x &  ¬[F]x for: x)
5280       (auto simp: "S5Basic:11" "cqt-further:7")
5281  also AOT_have   x (¬[F]x & [F]x)
5282    by (AOT_subst ¬[F]x & [F]x  [F]x & ¬[F]x for: x)
5283       (auto simp: "Commutativity of &" "cqt-further:7")
5284  also AOT_have   x (¬[F]x & [F]x)
5285    by (AOT_subst (¬[F]x & [F]x) ¬[F]x & [F]x for: x)
5286       (auto simp: "S5Basic:11" "oth-class-taut:3:a")
5287  also AOT_have   x (¬[F]x & [F]x)
5288    using "BF◇" "CBF◇" "≡I" by fast
5289  finally show ?thesis.
5290qed
5291
5292AOT_theorem "lem-cont-e:2":
5293  x ([F]x & ¬[F]x)  x ([F]-x & ¬[F]-x)
5294proof -
5295  AOT_have x ([F]x & ¬[F]x)  x (¬[F]x & [F]x)
5296    using "lem-cont-e:1".
5297  also AOT_have   x ([F]-x & ¬[F]-x)
5298    apply (AOT_subst ¬[F]-x [F]x for: x)
5299     apply (simp add: "thm-relation-negation:2")
5300    apply (AOT_subst [F]-x ¬[F]x for: x)
5301     apply (simp add: "thm-relation-negation:1")
5302    by (simp add: "oth-class-taut:3:a")
5303  finally show ?thesis.
5304qed
5305
5306AOT_theorem "thm-cont-e:1": x (E!x & ¬E!x)
5307proof (rule "CBF◇"[THEN "→E"])
5308  AOT_have x (E!x & ¬𝒜E!x)
5309    using "qml:4"[axiom_inst] "BF◇"[THEN "→E"] by blast
5310  then AOT_obtain a where (E!a & ¬𝒜E!a)
5311    using "∃E"[rotated] by blast
5312  AOT_hence θ: E!a & ¬𝒜E!a
5313    using "KBasic2:3"[THEN "→E"] by blast
5314  AOT_have ξ: E!a & 𝒜¬E!a
5315    by (AOT_subst  𝒜¬E!a ¬𝒜E!a)
5316       (auto simp: "logic-actual-nec:1"[axiom_inst] θ)
5317  AOT_have ζ: E!a & 𝒜¬E!a
5318    by (AOT_subst 𝒜¬E!a 𝒜¬E!a)
5319       (auto simp add: "Act-Sub:4" ξ)
5320  AOT_hence E!a & ¬E!a
5321    using "&E" "&I" "Act-Sub:3"[THEN "→E"] by blast
5322  AOT_hence (E!a & ¬E!a)
5323    using "S5Basic:11"[THEN "≡E"(2)] by simp
5324  AOT_thus x (E!x & ¬E!x)
5325    using "∃I"(2) by fast
5326qed
5327
5328AOT_theorem "thm-cont-e:2": x (¬E!x & E!x)
5329proof -
5330  AOT_have F (x ([F]x & ¬[F]x)  x (¬[F]x & [F]x))
5331    using "lem-cont-e:1" GEN by fast
5332  AOT_hence (x (E!x & ¬E!x)  x (¬E!x & E!x))
5333    using "∀E"(2) by blast
5334  thus ?thesis using "thm-cont-e:1" "≡E" by blast
5335qed
5336
5337AOT_theorem "thm-cont-e:3": x E!x
5338proof (rule "CBF◇"[THEN "→E"])
5339  AOT_obtain a where (E!a & ¬E!a)
5340    using "∃E"[rotated, OF "thm-cont-e:1"[THEN "BF◇"[THEN "→E"]]] by blast
5341  AOT_hence E!a
5342    using "KBasic2:3"[THEN "→E", THEN "&E"(1)] by blast
5343  AOT_thus x E!x using "∃I" by fast
5344qed
5345
5346AOT_theorem "thm-cont-e:4": x ¬E!x
5347proof (rule "CBF◇"[THEN "→E"])
5348  AOT_obtain a where (E!a & ¬E!a)
5349    using "∃E"[rotated, OF "thm-cont-e:1"[THEN "BF◇"[THEN "→E"]]] by blast
5350  AOT_hence ¬E!a
5351    using "KBasic2:3"[THEN "→E", THEN "&E"(2)] by blast
5352  AOT_hence ¬E!a
5353    using "4◇"[THEN "→E"] by blast
5354  AOT_thus x ¬E!x using "∃I" by fast
5355qed
5356
5357AOT_theorem "thm-cont-e:5": Contingent([E!])
5358proof -
5359  AOT_have F (Contingent([F])  x [F]x & x ¬[F]x)
5360    using "thm-cont-prop:2" GEN by fast
5361  AOT_hence Contingent([E!])  x E!x & x ¬E!x
5362    using "∀E"(2) by blast
5363  thus ?thesis
5364    using "thm-cont-e:3" "thm-cont-e:4" "≡E"(2) "&I" by blast
5365qed
5366
5367AOT_theorem "thm-cont-e:6": Contingent([E!]-)
5368proof -
5369  AOT_have F (Contingent([«F::<κ>»])  Contingent([F]-))
5370    using "thm-cont-prop:3" GEN by fast
5371  AOT_hence Contingent([E!])  Contingent([E!]-)
5372    using "∀E"(2) by fast
5373  thus ?thesis using "thm-cont-e:5" "≡E" by blast
5374qed
5375
5376AOT_theorem "thm-cont-e:7":
5377  FG (Contingent([«F::<κ>»]) & Contingent([G]) & F  G)
5378proof (rule "∃I")+
5379  AOT_have F [«F::<κ>»]  [F]-
5380    using "thm-relation-negation:5" GEN by fast
5381  AOT_hence [E!]  [E!]-
5382    using "∀E" by fast
5383  AOT_thus Contingent([E!]) & Contingent([E!]-) & [E!]  [E!]-
5384    using "thm-cont-e:5" "thm-cont-e:6" "&I" by metis
5385next
5386  AOT_show E!-
5387    by (fact AOT)
5388qed("cqt:2")
5389
5390AOT_theorem "property-facts:1":
5391  NonContingent([F])  ¬G (Contingent([G]) & G = F)
5392proof (rule "→I"; rule "raa-cor:2")
5393  AOT_assume NonContingent([F])
5394  AOT_hence 1: Necessary([F])  Impossible([F])
5395    using "contingent-properties:3"[THEN "≡dfE"] by blast
5396  AOT_assume G (Contingent([G]) & G = F)
5397  then AOT_obtain G where Contingent([G]) & G = F
5398    using "∃E"[rotated] by blast
5399  AOT_hence Contingent([F]) using "rule=E" "&E" by blast
5400  AOT_hence ¬(Necessary([F])  Impossible([F]))
5401    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5402            OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)] by blast
5403  AOT_thus (Necessary([F])  Impossible([F])) &
5404            ¬(Necessary([F])  Impossible([F]))
5405    using 1 "&I" by blast
5406qed
5407
5408AOT_theorem "property-facts:2":
5409  Contingent([F])  ¬G (NonContingent([G]) & G = F)
5410proof (rule "→I"; rule "raa-cor:2")
5411  AOT_assume Contingent([F])
5412  AOT_hence 1: ¬(Necessary([F])  Impossible([F]))
5413    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5414            OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)] by blast
5415  AOT_assume G (NonContingent([G]) & G = F)
5416  then AOT_obtain G where NonContingent([G]) & G = F
5417    using "∃E"[rotated] by blast
5418  AOT_hence NonContingent([F])
5419    using "rule=E" "&E" by blast
5420  AOT_hence Necessary([F])  Impossible([F])
5421    using "contingent-properties:3"[THEN "≡dfE"] by blast
5422  AOT_thus (Necessary([F])  Impossible([F])) &
5423            ¬(Necessary([F])  Impossible([F]))
5424    using 1 "&I" by blast
5425qed
5426
5427AOT_theorem "property-facts:3":
5428  L  [L]- & L  E! & L  E!- & [L]-  [E!]- & E!  [E!]-
5429proof -
5430  AOT_have noneqI: Π  Π' if φ{Π} and ¬φ{Π'} for φ and Π Π' :: <κ>
5431    apply (rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
5432    using "rule=E"[where φ=φ and τ=Π and σ = Π'] that "&I" by blast
5433  AOT_have contingent_denotes: Π if Contingent([Π]) for Π :: <κ>
5434    using that "contingent-properties:4"[THEN "≡dfE", THEN "&E"(1)] by blast
5435  AOT_have not_noncontingent_if_contingent:
5436    ¬NonContingent([Π]) if Contingent([Π]) for Π :: <κ>
5437  proof(rule RAA(2))
5438    AOT_show ¬(Necessary([Π])  Impossible([Π]))
5439      using that "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5440                    OF contingent_denotes[OF that], THEN "≡E"(1)]
5441      by blast
5442  next
5443    AOT_assume NonContingent([Π])
5444    AOT_thus Necessary([Π])  Impossible([Π])
5445      using "contingent-properties:3"[THEN "≡dfE"] by blast
5446  qed
5447
5448  show ?thesis
5449  proof (safe intro!: "&I")
5450    AOT_show L  [L]-
5451      apply (rule "=dfI"(2)[OF L_def])
5452       apply "cqt:2[lambda]"
5453      apply (rule "∀E"(1)[where φ="λ Π . «Π  [Π]-»"])
5454       apply (rule GEN) apply (fact AOT)
5455      by "cqt:2[lambda]"
5456  next
5457    AOT_show L  E!
5458      apply (rule noneqI)
5459      using "thm-noncont-e-e:3"
5460            not_noncontingent_if_contingent[OF "thm-cont-e:5"]
5461      by auto
5462  next
5463    AOT_show L  E!-
5464      apply (rule noneqI)
5465      using "thm-noncont-e-e:3" apply fast
5466      apply (rule not_noncontingent_if_contingent)
5467      apply (rule "∀E"(1)[
5468            where φ="λ Π . «Contingent([Π])  Contingent([Π]-)»",
5469            rotated, OF contingent_denotes, THEN "≡E"(1), rotated])
5470      using "thm-cont-prop:3" GEN apply fast
5471      using "thm-cont-e:5" by fast+
5472  next
5473    AOT_show [L]-  E!-
5474      apply (rule noneqI)
5475      using "thm-noncont-e-e:4" apply fast
5476      apply (rule not_noncontingent_if_contingent)
5477      apply (rule "∀E"(1)[
5478            where φ="λ Π . «Contingent([Π])  Contingent([Π]-)»",
5479            rotated, OF contingent_denotes, THEN "≡E"(1), rotated])
5480      using "thm-cont-prop:3" GEN apply fast
5481      using "thm-cont-e:5" by fast+
5482  next
5483    AOT_show E!  E!-
5484      apply (rule "=dfI"(2)[OF L_def])
5485       apply "cqt:2[lambda]"
5486      apply (rule "∀E"(1)[where φ="λ Π . «Π  [Π]-»"])
5487       apply (rule GEN) apply (fact AOT)
5488      by "cqt:2"
5489  qed
5490qed
5491
5492AOT_theorem "thm-cont-propos:1":
5493  NonContingent0(p)  NonContingent0(((p)-))
5494proof(rule "≡I"; rule "→I")
5495  AOT_assume NonContingent0(p)
5496  AOT_hence Necessary0(p)  Impossible0(p)
5497    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
5498  moreover {
5499    AOT_assume Necessary0(p)
5500    AOT_hence 1: p
5501      using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
5502    AOT_have ¬((p)-)
5503      by (AOT_subst ¬((p)-) p)
5504         (auto simp add: 1 "thm-relation-negation:4")
5505    AOT_hence Impossible0(((p)-))
5506      by (rule "contingent-properties:2[zero]"[THEN "≡dfI"])
5507  }
5508  moreover {
5509    AOT_assume Impossible0(p)
5510    AOT_hence 1: ¬p
5511      by (rule "contingent-properties:2[zero]"[THEN "≡dfE"])
5512    AOT_have ((p)-)
5513      by (AOT_subst ((p)-) ¬p) 
5514         (auto simp: 1 "thm-relation-negation:3")
5515    AOT_hence Necessary0(((p)-))
5516      by (rule "contingent-properties:1[zero]"[THEN "≡dfI"])
5517  }
5518  ultimately AOT_have Necessary0(((p)-))  Impossible0(((p)-))
5519    using "∨E"(1) "∨I" "→I" by metis
5520  AOT_thus NonContingent0(((p)-))
5521    using "contingent-properties:3[zero]"[THEN "≡dfI"] by blast
5522next
5523  AOT_assume NonContingent0(((p)-))
5524  AOT_hence Necessary0(((p)-))  Impossible0(((p)-))
5525    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
5526  moreover {
5527    AOT_assume Impossible0(((p)-))
5528    AOT_hence 1: ¬((p)-)
5529      by (rule "contingent-properties:2[zero]"[THEN "≡dfE"])
5530    AOT_have p
5531      by (AOT_subst (reverse) p ¬((p)-))
5532         (auto simp: 1 "thm-relation-negation:4")
5533    AOT_hence Necessary0(p)
5534      using "contingent-properties:1[zero]"[THEN "≡dfI"] by blast
5535  }
5536  moreover {
5537    AOT_assume Necessary0(((p)-))
5538    AOT_hence 1: ((p)-)
5539      by (rule "contingent-properties:1[zero]"[THEN "≡dfE"])
5540    AOT_have ¬p
5541      by (AOT_subst (reverse) ¬p ((p)-))
5542         (auto simp: 1 "thm-relation-negation:3")
5543    AOT_hence Impossible0(p)
5544      by (rule "contingent-properties:2[zero]"[THEN "≡dfI"])
5545  }
5546  ultimately AOT_have Necessary0(p)  Impossible0(p)
5547    using "∨E"(1) "∨I" "→I" by metis
5548  AOT_thus NonContingent0(p)
5549    using "contingent-properties:3[zero]"[THEN "≡dfI"] by blast
5550qed
5551
5552AOT_theorem "thm-cont-propos:2": Contingent0(φ)  φ & ¬φ
5553proof -
5554  AOT_have Contingent0(φ)  ¬(Necessary0(φ)  Impossible0(φ))
5555    using "contingent-properties:4[zero]"[THEN "≡Df"] by simp
5556  also AOT_have   ¬Necessary0(φ) & ¬Impossible0(φ)
5557    by (fact AOT)
5558  also AOT_have   ¬Impossible0(φ) & ¬Necessary0(φ)
5559    by (fact AOT)
5560  also AOT_have   φ & ¬φ
5561    apply (AOT_subst φ ¬¬φ)
5562     apply (simp add: "conventions:5" "≡Df")
5563    apply (AOT_subst Impossible0(φ) ¬φ)
5564     apply (simp add: "contingent-properties:2[zero]" "≡Df")
5565    apply (AOT_subst (reverse) ¬φ ¬φ)
5566     apply (simp add: "KBasic:11")
5567    apply (AOT_subst Necessary0(φ) φ)
5568     apply (simp add: "contingent-properties:1[zero]" "≡Df")
5569    by (simp add: "oth-class-taut:3:a")
5570  finally show ?thesis.
5571qed
5572
5573AOT_theorem "thm-cont-propos:3": Contingent0(p)  Contingent0(((p)-))
5574proof -
5575  AOT_have Contingent0(p)  p & ¬p using "thm-cont-propos:2".
5576  also AOT_have   ¬p & p by (fact AOT)
5577  also AOT_have   ((p)-) & p
5578    by (AOT_subst ((p)-) ¬p)
5579       (auto simp: "thm-relation-negation:3" "oth-class-taut:3:a")
5580  also AOT_have   ((p)-) & ¬((p)-)
5581    by (AOT_subst ¬((p)-) p)
5582       (auto simp: "thm-relation-negation:4" "oth-class-taut:3:a")
5583  also AOT_have   Contingent0(((p)-))
5584    using "thm-cont-propos:2"[symmetric] by blast
5585  finally show ?thesis.
5586qed
5587
5588AOT_define noncontingent_prop :: ‹φ› ("p0")
5589  p0_def: "(p0) =df (x (E!x  E!x))"
5590
5591AOT_theorem "thm-noncont-propos:1":  Necessary0((p0))
5592proof(rule "contingent-properties:1[zero]"[THEN "≡dfI"])
5593  AOT_show (p0)
5594    apply (rule "=dfI"(2)[OF p0_def])
5595    using "log-prop-prop:2" apply simp
5596    using "if-p-then-p" RN GEN by fast
5597qed
5598
5599AOT_theorem "thm-noncont-propos:2": Impossible0(((p0)-))
5600proof(rule "contingent-properties:2[zero]"[THEN "≡dfI"])
5601  AOT_show ¬((p0)-)
5602    apply (AOT_subst ((p0)-) ¬p0)
5603    using "thm-relation-negation:3" GEN "∀E"(1)[rotated, OF "log-prop-prop:2"]
5604     apply fast
5605    apply (AOT_subst (reverse) ¬¬p0 p0)
5606     apply (simp add: "oth-class-taut:3:b")
5607    apply (rule "=dfI"(2)[OF p0_def])
5608    using "log-prop-prop:2" apply simp
5609    using "if-p-then-p" RN GEN by fast
5610qed
5611
5612AOT_theorem "thm-noncont-propos:3": NonContingent0((p0))
5613  apply(rule "contingent-properties:3[zero]"[THEN "≡dfI"])
5614  using "thm-noncont-propos:1" "∨I" by blast
5615
5616AOT_theorem "thm-noncont-propos:4": NonContingent0(((p0)-))
5617  apply(rule "contingent-properties:3[zero]"[THEN "≡dfI"])
5618  using "thm-noncont-propos:2" "∨I" by blast
5619
5620AOT_theorem "thm-noncont-propos:5":
5621  pq (NonContingent0((p)) & NonContingent0((q)) & p  q)
5622proof(rule "∃I")+
5623  AOT_have 0: φ  (φ)- for φ
5624    using "thm-relation-negation:6" "∀I"
5625          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5626  AOT_thus NonContingent0((p0)) & NonContingent0(((p0)-)) & (p0)  (p0)-
5627    using "thm-noncont-propos:3" "thm-noncont-propos:4" "&I" by auto
5628qed(auto simp: "log-prop-prop:2")
5629
5630AOT_act_theorem "no-cnac": ¬x(E!x & ¬𝒜E!x)
5631proof(rule "raa-cor:2")
5632  AOT_assume x(E!x & ¬𝒜E!x)
5633  then AOT_obtain a where a: E!a & ¬𝒜E!a
5634    using "∃E"[rotated] by blast
5635  AOT_hence 𝒜¬E!a
5636    using "&E" "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
5637  AOT_hence ¬E!a
5638    using "logic-actual"[act_axiom_inst, THEN "→E"] by blast
5639  AOT_hence E!a & ¬E!a
5640    using a "&E" "&I" by blast
5641  AOT_thus p & ¬p for p using "raa-cor:1" by blast
5642qed
5643
5644AOT_theorem "pos-not-pna:1": ¬𝒜x (E!x & ¬𝒜E!x)
5645proof(rule "raa-cor:2")
5646  AOT_assume 𝒜x (E!x & ¬𝒜E!x)
5647  AOT_hence x 𝒜(E!x & ¬𝒜E!x)
5648    using "Act-Basic:10"[THEN "≡E"(1)] by blast
5649  then AOT_obtain a where 𝒜(E!a & ¬𝒜E!a)
5650    using "∃E"[rotated] by blast
5651  AOT_hence 1: 𝒜E!a & 𝒜¬𝒜E!a
5652    using "Act-Basic:2"[THEN "≡E"(1)] by blast
5653  AOT_hence ¬𝒜𝒜E!a
5654    using "&E"(2) "logic-actual-nec:1"[axiom_inst, THEN "≡E"(1)] by blast
5655  AOT_hence ¬𝒜E!a
5656    using "logic-actual-nec:4"[axiom_inst, THEN "≡E"(1)] RAA by blast
5657  AOT_thus p & ¬p for p using 1[THEN "&E"(1)] "&I" "raa-cor:1" by blast
5658qed
5659
5660AOT_theorem "pos-not-pna:2": ¬x(E!x & ¬𝒜E!x)
5661proof (rule RAA(1))
5662  AOT_show ¬𝒜x (E!x & ¬𝒜E!x)
5663    using "pos-not-pna:1" by blast
5664next
5665  AOT_assume ¬¬x (E!x & ¬𝒜E!x)
5666  AOT_hence x (E!x & ¬𝒜E!x)
5667    using "KBasic:12"[THEN "≡E"(2)] by blast
5668  AOT_thus 𝒜x (E!x & ¬𝒜E!x)
5669    using "nec-imp-act"[THEN "→E"] by blast
5670qed
5671
5672AOT_theorem "pos-not-pna:3": x (E!x & ¬𝒜E!x)
5673proof -
5674  AOT_obtain a where (E!a & ¬𝒜E!a)
5675    using "qml:4"[axiom_inst] "BF◇"[THEN "→E"] "∃E"[rotated] by blast
5676  AOT_hence θ: E!a and ξ: ¬𝒜E!a
5677    using "KBasic2:3"[THEN "→E"] "&E" by blast+
5678  AOT_have ¬𝒜E!a
5679    using ξ "KBasic:11"[THEN "≡E"(2)] by blast
5680  AOT_hence ¬𝒜E!a
5681    using "Act-Basic:6"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5682                        THEN "≡E"(2)] by blast
5683  AOT_hence E!a & ¬𝒜E!a using θ "&I" by blast
5684  thus ?thesis using "∃I" by fast
5685qed
5686
5687AOT_define contingent_prop :: φ ("q0")
5688  q0_def: (q0) =df (x (E!x & ¬𝒜E!x))
5689
5690AOT_theorem q0_prop: q0 & ¬q0
5691  apply (rule "=dfI"(2)[OF q0_def])
5692  apply (fact "log-prop-prop:2")
5693  apply (rule "&I")
5694   apply (fact "qml:4"[axiom_inst])
5695  by (fact "pos-not-pna:2")
5696
5697AOT_theorem "basic-prop:1": Contingent0((q0))
5698proof(rule "contingent-properties:4[zero]"[THEN "≡dfI"])
5699  AOT_have ¬Necessary0((q0)) & ¬Impossible0((q0))
5700  proof (rule "&I";
5701         rule "=dfI"(2)[OF q0_def];
5702         (rule "log-prop-prop:2" | rule "raa-cor:2"))
5703    AOT_assume Necessary0(x (E!x & ¬𝒜E!x))
5704    AOT_hence x (E!x & ¬𝒜E!x)
5705      using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
5706    AOT_hence 𝒜x (E!x & ¬𝒜E!x)
5707      using "Act-Basic:8"[THEN "→E"] "qml:2"[axiom_inst, THEN "→E"] by blast
5708    AOT_thus 𝒜x (E!x & ¬𝒜E!x) & ¬𝒜x (E!x & ¬𝒜E!x)
5709      using "pos-not-pna:1" "&I" by blast
5710  next
5711    AOT_assume Impossible0(x (E!x & ¬𝒜E!x))
5712    AOT_hence ¬(x (E!x & ¬𝒜E!x))
5713      using "contingent-properties:2[zero]"[THEN "≡dfE"] by blast
5714    AOT_hence ¬(x (E!x & ¬𝒜E!x))
5715      using "KBasic2:1"[THEN "≡E"(1)] by blast
5716    AOT_thus (x (E!x & ¬𝒜E!x)) & ¬(x (E!x & ¬𝒜E!x))
5717      using "qml:4"[axiom_inst] "&I" by blast
5718  qed
5719  AOT_thus ¬(Necessary0((q0))  Impossible0((q0)))
5720    using "oth-class-taut:5:d" "≡E"(2) by blast
5721qed
5722
5723AOT_theorem "basic-prop:2": p Contingent0((p))
5724  using "∃I"(1)[rotated, OF "log-prop-prop:2"] "basic-prop:1" by blast
5725
5726AOT_theorem "basic-prop:3": Contingent0(((q0)-))
5727  apply (AOT_subst ((q0)-) ¬q0)
5728   apply (insert "thm-relation-negation:3" "∀I"
5729                "∀E"(1)[rotated, OF "log-prop-prop:2"]; fast)
5730  apply (rule "contingent-properties:4[zero]"[THEN "≡dfI"])
5731  apply (rule "oth-class-taut:5:d"[THEN "≡E"(2)])
5732  apply (rule "&I")
5733   apply (rule "contingent-properties:1[zero]"[THEN "df-rules-formulas[3]",
5734                  THEN "useful-tautologies:5"[THEN "→E"], THEN "→E"])
5735   apply (rule "conventions:5"[THEN "≡dfE"])
5736   apply (rule "=dfE"(2)[OF q0_def])
5737    apply (rule "log-prop-prop:2")
5738   apply (rule q0_prop[THEN "&E"(1)])
5739  apply (rule "contingent-properties:2[zero]"[THEN "df-rules-formulas[3]",
5740                THEN "useful-tautologies:5"[THEN "→E"], THEN "→E"])
5741  apply (rule "conventions:5"[THEN "≡dfE"])
5742  by (rule q0_prop[THEN "&E"(2)])
5743
5744AOT_theorem "basic-prop:4":
5745  pq (p  q & Contingent0(p) & Contingent0(q))
5746proof(rule "∃I")+
5747  AOT_have 0: φ  (φ)- for φ
5748    using "thm-relation-negation:6" "∀I"
5749          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5750  AOT_show (q0)  (q0)- & Contingent0(q0) & Contingent0(((q0)-))
5751    using "basic-prop:1" "basic-prop:3" "&I" 0 by presburger
5752qed(auto simp: "log-prop-prop:2")
5753
5754AOT_theorem "proposition-facts:1":
5755  NonContingent0(p)  ¬q (Contingent0(q) & q = p)
5756proof(rule "→I"; rule "raa-cor:2")
5757  AOT_assume NonContingent0(p)
5758  AOT_hence 1: Necessary0(p)  Impossible0(p)
5759    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
5760  AOT_assume q (Contingent0(q) & q = p)
5761  then AOT_obtain q where Contingent0(q) & q = p
5762    using "∃E"[rotated] by blast
5763  AOT_hence Contingent0(p)
5764    using "rule=E" "&E" by fast
5765  AOT_thus (Necessary0(p)  Impossible0(p)) &
5766            ¬(Necessary0(p)  Impossible0(p))
5767    using "contingent-properties:4[zero]"[THEN "≡dfE"] 1 "&I" by blast
5768qed
5769
5770AOT_theorem "proposition-facts:2":
5771  Contingent0(p)  ¬q (NonContingent0(q) & q = p)
5772proof(rule "→I"; rule "raa-cor:2")
5773  AOT_assume Contingent0(p)
5774  AOT_hence 1: ¬(Necessary0(p)  Impossible0(p))
5775    using "contingent-properties:4[zero]"[THEN "≡dfE"] by blast
5776  AOT_assume q (NonContingent0(q) & q = p)
5777  then AOT_obtain q where NonContingent0(q) & q = p
5778    using "∃E"[rotated] by blast
5779  AOT_hence NonContingent0(p)
5780    using "rule=E" "&E" by fast
5781  AOT_thus (Necessary0(p)  Impossible0(p)) &
5782            ¬(Necessary0(p)  Impossible0(p))
5783    using "contingent-properties:3[zero]"[THEN "≡dfE"] 1 "&I" by blast
5784qed
5785
5786AOT_theorem "proposition-facts:3":
5787  (p0)  (p0)- & (p0)  (q0) & (p0)  (q0)- & (p0)-  (q0)- & (q0)  (q0)-
5788proof -
5789  {
5790    fix χ φ ψ
5791    AOT_assume χ{φ}
5792    moreover AOT_assume ¬χ{ψ}
5793    ultimately AOT_have ¬(χ{φ}  χ{ψ})
5794      using RAA "≡E" by metis
5795    moreover {
5796      AOT_have pq ((¬(χ{p}  χ{q}))  p  q)
5797        by (rule "∀I"; rule "∀I"; rule "pos-not-equiv-ne:4[zero]")
5798      AOT_hence ((¬(χ{φ}  χ{ψ}))  φ  ψ)
5799        using "∀E" "log-prop-prop:2" by blast
5800    }
5801    ultimately AOT_have φ  ψ
5802      using "→E" by blast
5803  } note 0 = this
5804  AOT_have contingent_neg: Contingent0(φ)  Contingent0(((φ)-)) for φ
5805    using "thm-cont-propos:3" "∀I"
5806          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5807  AOT_have not_noncontingent_if_contingent:
5808    ¬NonContingent0(φ) if Contingent0(φ) for φ
5809    apply (rule "contingent-properties:3[zero]"[THEN "≡Df",
5810                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5811    using that "contingent-properties:4[zero]"[THEN "≡dfE"] by blast
5812  show ?thesis
5813    apply (rule "&I")+
5814    using "thm-relation-negation:6" "∀I"
5815          "∀E"(1)[rotated, OF "log-prop-prop:2"]
5816        apply fast
5817       apply (rule 0)
5818    using "thm-noncont-propos:3" apply fast
5819       apply (rule not_noncontingent_if_contingent)
5820       apply (fact AOT)
5821      apply (rule 0)
5822    apply (rule "thm-noncont-propos:3")
5823      apply (rule not_noncontingent_if_contingent)
5824      apply (rule contingent_neg[THEN "≡E"(1)])
5825      apply (fact AOT)
5826     apply (rule 0)
5827    apply (rule "thm-noncont-propos:4")
5828      apply (rule not_noncontingent_if_contingent)
5829      apply (rule contingent_neg[THEN "≡E"(1)])
5830     apply (fact AOT)
5831    using "thm-relation-negation:6" "∀I"
5832          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5833qed
5834
5835AOT_define ContingentlyTrue :: ‹φ  φ› ("ContingentlyTrue'(_')")
5836  "cont-tf:1": ContingentlyTrue(p) df p & ¬p
5837
5838AOT_define ContingentlyFalse :: ‹φ  φ› ("ContingentlyFalse'(_')")
5839  "cont-tf:2": ContingentlyFalse(p) df ¬p & p
5840
5841AOT_theorem "cont-true-cont:1":
5842  ContingentlyTrue((p))  Contingent0((p))
5843proof(rule "→I")
5844  AOT_assume ContingentlyTrue((p))
5845  AOT_hence 1: p and 2: ¬p using "cont-tf:1"[THEN "≡dfE"] "&E" by blast+
5846  AOT_have ¬Necessary0((p))
5847    apply (rule "contingent-properties:1[zero]"[THEN "≡Df",
5848                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5849    using 2 "KBasic:11"[THEN "≡E"(2)] by blast
5850  moreover AOT_have ¬Impossible0((p))
5851    apply (rule "contingent-properties:2[zero]"[THEN "≡Df",
5852                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5853    apply (rule "conventions:5"[THEN "≡dfE"])
5854    using "T◇"[THEN "→E", OF 1].
5855  ultimately AOT_have ¬(Necessary0((p))  Impossible0((p)))
5856    using DeMorgan(2)[THEN "≡E"(2)] "&I" by blast
5857  AOT_thus Contingent0((p))
5858    using "contingent-properties:4[zero]"[THEN "≡dfI"] by blast
5859qed
5860
5861AOT_theorem "cont-true-cont:2":
5862  ContingentlyFalse((p))  Contingent0((p))
5863proof(rule "→I")
5864  AOT_assume ContingentlyFalse((p))
5865  AOT_hence 1: ¬p and 2: p using "cont-tf:2"[THEN "≡dfE"] "&E" by blast+
5866  AOT_have ¬Necessary0((p))
5867    apply (rule "contingent-properties:1[zero]"[THEN "≡Df",
5868                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5869    using "KBasic:11"[THEN "≡E"(2)] "T◇"[THEN "→E", OF 1] by blast
5870  moreover AOT_have ¬Impossible0((p))
5871    apply (rule "contingent-properties:2[zero]"[THEN "≡Df",
5872                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5873    apply (rule "conventions:5"[THEN "≡dfE"])
5874    using 2.
5875  ultimately AOT_have ¬(Necessary0((p))  Impossible0((p)))
5876    using DeMorgan(2)[THEN "≡E"(2)] "&I" by blast
5877  AOT_thus Contingent0((p))
5878    using "contingent-properties:4[zero]"[THEN "≡dfI"] by blast
5879qed
5880
5881AOT_theorem "cont-true-cont:3":
5882  ContingentlyTrue((p))  ContingentlyFalse(((p)-))
5883proof(rule "≡I"; rule "→I")
5884  AOT_assume ContingentlyTrue((p))
5885  AOT_hence 0: p & ¬p using "cont-tf:1"[THEN "≡dfE"] by blast
5886  AOT_have 1: ContingentlyFalse(¬p)
5887    apply (rule "cont-tf:2"[THEN "≡dfI"])
5888    apply (AOT_subst (reverse) ¬¬p p)
5889    by (auto simp: "oth-class-taut:3:b" 0)
5890  AOT_show ContingentlyFalse(((p)-))
5891    apply (AOT_subst ((p)-) ¬p)
5892    by (auto simp: "thm-relation-negation:3" 1)
5893next
5894  AOT_assume 1: ContingentlyFalse(((p)-))
5895  AOT_have ContingentlyFalse(¬p)
5896    by (AOT_subst (reverse) ¬p ((p)-))
5897       (auto simp: "thm-relation-negation:3" 1)
5898  AOT_hence ¬¬p & ¬p using "cont-tf:2"[THEN "≡dfE"] by blast
5899  AOT_hence p & ¬p
5900    using "&I" "&E" "useful-tautologies:1"[THEN "→E"] by metis
5901  AOT_thus ContingentlyTrue((p))
5902    using "cont-tf:1"[THEN "≡dfI"] by blast
5903qed
5904
5905AOT_theorem "cont-true-cont:4":
5906  ContingentlyFalse((p))  ContingentlyTrue(((p)-))
5907proof(rule "≡I"; rule "→I")
5908  AOT_assume ContingentlyFalse(p)
5909  AOT_hence 0: ¬p & p
5910    using "cont-tf:2"[THEN "≡dfE"] by blast
5911  AOT_have ¬p & ¬¬p
5912    by (AOT_subst (reverse) ¬¬p p)
5913       (auto simp: "oth-class-taut:3:b" 0)
5914  AOT_hence 1: ContingentlyTrue(¬p)
5915    by (rule "cont-tf:1"[THEN "≡dfI"])
5916  AOT_show ContingentlyTrue(((p)-))
5917    by (AOT_subst ((p)-) ¬p)
5918       (auto simp: "thm-relation-negation:3" 1)
5919next
5920  AOT_assume 1: ContingentlyTrue(((p)-))
5921  AOT_have ContingentlyTrue(¬p)
5922    by (AOT_subst (reverse) ¬p ((p)-))
5923       (auto simp add: "thm-relation-negation:3" 1)
5924  AOT_hence 2: ¬p & ¬¬p using "cont-tf:1"[THEN "≡dfE"] by blast
5925  AOT_have p
5926    by (AOT_subst p ¬¬p)
5927       (auto simp add: "oth-class-taut:3:b" 2[THEN "&E"(2)])
5928  AOT_hence ¬p & p using 2[THEN "&E"(1)] "&I" by blast
5929  AOT_thus ContingentlyFalse(p)
5930    by (rule "cont-tf:2"[THEN "≡dfI"])
5931qed
5932
5933AOT_theorem "cont-true-cont:5":
5934  (ContingentlyTrue((p)) & Necessary0((q)))  p  q
5935proof (rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:1")
5936  AOT_assume ContingentlyTrue((p))
5937  AOT_hence ¬p
5938    using "cont-tf:1"[THEN "≡dfE"] "&E" by blast
5939  AOT_hence 0: ¬p using "KBasic:11"[THEN "≡E"(2)] by blast
5940  AOT_assume Necessary0((q))
5941  moreover AOT_assume ¬(p  q)
5942  AOT_hence p = q
5943    using "=-infix"[THEN "≡Df",
5944                    THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5945                    THEN "≡E"(1)]
5946          "useful-tautologies:1"[THEN "→E"] by blast
5947  ultimately AOT_have Necessary0((p)) using "rule=E" id_sym by blast
5948  AOT_hence p
5949    using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
5950  AOT_thus p & ¬p using 0 "&I" by blast
5951qed
5952
5953AOT_theorem "cont-true-cont:6":
5954  (ContingentlyFalse((p)) & Impossible0((q)))  p  q
5955proof (rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:1")
5956  AOT_assume ContingentlyFalse((p))
5957  AOT_hence p
5958    using "cont-tf:2"[THEN "≡dfE"] "&E" by blast
5959  AOT_hence 1: ¬¬p
5960    using "conventions:5"[THEN "≡dfE"] by blast
5961  AOT_assume Impossible0((q))
5962  moreover AOT_assume ¬(p  q)
5963  AOT_hence p = q
5964    using "=-infix"[THEN "≡Df",
5965                    THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5966                    THEN "≡E"(1)]
5967          "useful-tautologies:1"[THEN "→E"] by blast
5968  ultimately AOT_have Impossible0((p)) using "rule=E" id_sym by blast
5969  AOT_hence ¬p
5970    using "contingent-properties:2[zero]"[THEN "≡dfE"] by blast
5971  AOT_thus ¬p & ¬¬p using 1 "&I" by blast
5972qed
5973
5974AOT_act_theorem "q0cf:1": ContingentlyFalse(q0)
5975  apply (rule "cont-tf:2"[THEN "≡dfI"])
5976  apply (rule "=dfI"(2)[OF q0_def])
5977   apply (fact "log-prop-prop:2")
5978  apply (rule "&I")
5979   apply (fact "no-cnac")
5980  by (fact "qml:4"[axiom_inst])
5981
5982AOT_act_theorem "q0cf:2": ContingentlyTrue(((q0)-))
5983  apply (rule "cont-tf:1"[THEN "≡dfI"])
5984  apply (rule "=dfI"(2)[OF q0_def])
5985   apply (fact "log-prop-prop:2")
5986  apply (rule "&I")
5987   apply (rule "thm-relation-negation:3"
5988                [unvarify p, OF "log-prop-prop:2", THEN "≡E"(2)])
5989     apply (fact "no-cnac")
5990  apply (rule "rule=E"[rotated,
5991                OF "thm-relation-negation:7"
5992                   [unvarify p, OF "log-prop-prop:2", THEN id_sym]])
5993  apply (AOT_subst (reverse) ¬¬(x  (E!x & ¬𝒜E!x)) x (E!x & ¬𝒜E!x))
5994  by (auto simp: "oth-class-taut:3:b" "qml:4"[axiom_inst])
5995
5996AOT_theorem "cont-tf-thm:1": p ContingentlyTrue((p))
5997proof(rule "∨E"(1)[OF "exc-mid"]; rule "→I"; rule "∃I")
5998  AOT_assume q0
5999  AOT_hence q0 & ¬q0 using q0_prop[THEN "&E"(2)] "&I" by blast
6000  AOT_thus ContingentlyTrue(q0)
6001    by (rule "cont-tf:1"[THEN "≡dfI"])
6002next
6003  AOT_assume ¬q0
6004  AOT_hence ¬q0 & q0 using q0_prop[THEN "&E"(1)] "&I" by blast
6005  AOT_hence ContingentlyFalse(q0)
6006    by (rule "cont-tf:2"[THEN "≡dfI"])
6007  AOT_thus ContingentlyTrue(((q0)-))
6008    by (rule "cont-true-cont:4"[unvarify p,
6009                OF "log-prop-prop:2", THEN "≡E"(1)])
6010qed(auto simp: "log-prop-prop:2")
6011
6012
6013AOT_theorem "cont-tf-thm:2": p ContingentlyFalse((p))
6014proof(rule "∨E"(1)[OF "exc-mid"]; rule "→I"; rule "∃I")
6015  AOT_assume q0
6016  AOT_hence q0 & ¬q0 using q0_prop[THEN "&E"(2)] "&I" by blast
6017  AOT_hence ContingentlyTrue(q0)
6018    by (rule "cont-tf:1"[THEN "≡dfI"])
6019  AOT_thus ContingentlyFalse(((q0)-))
6020    by (rule "cont-true-cont:3"[unvarify p,
6021                OF "log-prop-prop:2", THEN "≡E"(1)])
6022next
6023  AOT_assume ¬q0
6024  AOT_hence ¬q0 & q0 using q0_prop[THEN "&E"(1)] "&I" by blast
6025  AOT_thus ContingentlyFalse(q0)
6026    by (rule "cont-tf:2"[THEN "≡dfI"])
6027qed(auto simp: "log-prop-prop:2")
6028
6029AOT_theorem "property-facts1:1": Fx ([F]x & ¬[F]x)
6030proof -
6031  fix x
6032  AOT_obtain p1 where ContingentlyTrue((p1))
6033    using "cont-tf-thm:1" "∃E"[rotated] by blast
6034  AOT_hence 1: p1 & ¬p1 using "cont-tf:1"[THEN "≡dfE"] by blast
6035  AOT_modally_strict {
6036    AOT_have for arbitrary p:  (z p]x  p)
6037      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
6038    AOT_hence for arbitrary p:   (z p]x  p)
6039      by (rule RN)
6040    AOT_hence p (z p]x  p) using GEN by fast
6041    AOT_hence (z p1]x  p1) using "∀E" by fast
6042  } note 2 = this
6043  AOT_hence (z p1]x  p1) using "∀E" by blast
6044  AOT_hence z p1]x
6045    using 1[THEN "&E"(1)] "qml:2"[axiom_inst, THEN "→E"] "≡E"(2) by blast
6046  moreover AOT_have ¬z p1]x
6047    using 2[THEN "qml:2"[axiom_inst, THEN "→E"]]
6048    apply (AOT_subst z p1]x p1)
6049    using 1[THEN "&E"(2)] by blast
6050  ultimately AOT_have z p1]x & ¬z p1]x using "&I" by blast
6051  AOT_hence x (z p1]x & ¬z p1]x) using "∃I"(2) by fast
6052  moreover AOT_have z p1] by "cqt:2[lambda]"
6053  ultimately AOT_show Fx ([F]x & ¬[F]x) by (rule "∃I"(1))
6054qed
6055
6056AOT_theorem "property-facts1:2": Fx (¬[F]x & [F]x)
6057proof -
6058  fix x
6059  AOT_obtain p1 where ContingentlyFalse((p1))
6060    using "cont-tf-thm:2" "∃E"[rotated] by blast
6061  AOT_hence 1: ¬p1 & p1 using "cont-tf:2"[THEN "≡dfE"] by blast
6062  AOT_modally_strict {
6063    AOT_have for arbitrary p:  (z p]x  p)
6064      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
6065    AOT_hence for arbitrary p:  (¬z p]x  ¬p)
6066      using "oth-class-taut:4:b" "≡E" by blast
6067    AOT_hence for arbitrary p:  (¬z p]x  ¬p)
6068      by (rule RN)
6069    AOT_hence p (¬z p]x  ¬p) using GEN by fast
6070    AOT_hence (¬z p1]x  ¬p1) using "∀E" by fast
6071  } note 2 = this
6072  AOT_hence (¬z p1]x  ¬p1) using "∀E" by blast
6073  AOT_hence 3: ¬z p1]x
6074    using 1[THEN "&E"(1)] "qml:2"[axiom_inst, THEN "→E"] "≡E"(2) by blast
6075  AOT_modally_strict {
6076    AOT_have for arbitrary p:  (z p]x  p)
6077      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
6078    AOT_hence for arbitrary p:  (z p]x  p)
6079      by (rule RN)
6080    AOT_hence p (z p]x  p) using GEN by fast
6081    AOT_hence (z p1]x  p1) using "∀E" by fast
6082  } note 4 = this
6083  AOT_have z p1]x
6084    using 4[THEN "qml:2"[axiom_inst, THEN "→E"]]
6085    apply (AOT_subst z p1]x p1)
6086    using 1[THEN "&E"(2)] by blast
6087  AOT_hence ¬z p1]x & z p1]x using 3 "&I" by blast
6088  AOT_hence x (¬z p1]x & z p1]x) using "∃I"(2) by fast
6089  moreover AOT_have z p1] by "cqt:2[lambda]"
6090  ultimately AOT_show Fx (¬[F]x & [F]x) by (rule "∃I"(1))
6091qed
6092
6093context
6094begin
6095
6096private AOT_lemma eqnotnec_123_Aux_ζ: [L]x  (E!x  E!x)
6097    apply (rule "=dfI"(2)[OF L_def])
6098     apply "cqt:2[lambda]"
6099    apply (rule "beta-C-meta"[THEN "→E"])
6100  by "cqt:2[lambda]"
6101
6102private AOT_lemma eqnotnec_123_Aux_ω: z φ]x  φ
6103    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6104
6105private AOT_lemma eqnotnec_123_Aux_θ: φ  x([L]x  z φ]x)
6106proof(rule "≡I"; rule "→I"; (rule "∀I")?)
6107  fix x
6108  AOT_assume 1: φ
6109  AOT_have [L]x  (E!x  E!x) using eqnotnec_123_Aux_ζ.
6110  also AOT_have   φ
6111    using "if-p-then-p" 1 "≡I" "→I" by simp
6112  also AOT_have   z φ]x
6113    using "Commutativity of ≡"[THEN "≡E"(1)] eqnotnec_123_Aux_ω by blast
6114  finally AOT_show [L]x  z φ]x.
6115next
6116  fix x
6117  AOT_assume x([L]x  z φ]x)
6118  AOT_hence [L]x  z φ]x using "∀E" by blast
6119  also AOT_have   φ using eqnotnec_123_Aux_ω.
6120  finally AOT_have φ  [L]x
6121    using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6122  also AOT_have   E!x  E!x using eqnotnec_123_Aux_ζ.
6123  finally AOT_show φ using "≡E" "if-p-then-p" by fast
6124qed
6125private lemmas eqnotnec_123_Aux_ξ =
6126  eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6127    THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
6128    THEN "RM◇"]
6129private lemmas eqnotnec_123_Aux_ξ' =
6130  eqnotnec_123_Aux_θ[
6131    THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
6132    THEN "RM◇"]
6133
6134AOT_theorem "eqnotnec:1": FG(x([F]x  [G]x) & ¬x([F]x  [G]x))
6135proof-
6136  AOT_obtain p1 where ContingentlyTrue(p1)
6137    using "cont-tf-thm:1" "∃E"[rotated] by blast
6138  AOT_hence p1 & ¬p1 using "cont-tf:1"[THEN "≡dfE"] by blast
6139  AOT_hence x ([L]x  z p1]x) & ¬x([L]x  z p1]x)
6140    apply - apply (rule "&I")
6141    using "&E" eqnotnec_123_Aux_θ[THEN "≡E"(1)]
6142          eqnotnec_123_Aux_ξ "→E" by fast+
6143  AOT_hence G (x([L]x  [G]x) & ¬x([L]x  [G]x))
6144    by (rule "∃I") "cqt:2[lambda]"
6145  AOT_thus FG (x([F]x  [G]x) & ¬x([F]x  [G]x))
6146    apply (rule "∃I")
6147    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6148qed
6149
6150AOT_theorem "eqnotnec:2": FG(¬x([F]x  [G]x) & x([F]x  [G]x))
6151proof-
6152  AOT_obtain p1 where ContingentlyFalse(p1)
6153    using "cont-tf-thm:2" "∃E"[rotated] by blast
6154  AOT_hence ¬p1 & p1 using "cont-tf:2"[THEN "≡dfE"] by blast
6155  AOT_hence ¬x ([L]x  z p1]x) & x([L]x  z p1]x)
6156    apply - apply (rule "&I")
6157    using eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6158                             THEN "≡E"(1)]
6159          "&E" eqnotnec_123_Aux_ξ' "→E" by fast+
6160  AOT_hence G (¬x([L]x  [G]x) & x([L]x  [G]x))
6161    by (rule "∃I") "cqt:2[lambda]"
6162  AOT_thus FG (¬x([F]x  [G]x) & x([F]x  [G]x))
6163    apply (rule "∃I")
6164    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6165qed
6166
6167AOT_theorem "eqnotnec:3": FG(𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
6168proof-
6169  AOT_have ¬𝒜q0
6170    apply (rule "=dfI"(2)[OF q0_def])
6171     apply (fact "log-prop-prop:2")
6172    by (fact AOT)
6173  AOT_hence 𝒜¬q0
6174    using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
6175  AOT_hence 𝒜¬x ([L]x  z q0]x)
6176    using eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6177            THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
6178            THEN "RA[2]", THEN "act-cond"[THEN "→E"], THEN "→E"] by blast
6179  moreover AOT_have x ([L]x  z q0]x)
6180    using eqnotnec_123_Aux_ξ'[THEN "→E"] q0_prop[THEN "&E"(1)] by blast
6181  ultimately AOT_have 𝒜¬x ([L]x  z q0]x) & x ([L]x  z q0]x)
6182    using "&I" by blast
6183  AOT_hence G (𝒜¬x([L]x  [G]x) & x([L]x  [G]x))
6184    by (rule "∃I") "cqt:2[lambda]"
6185  AOT_thus FG (𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
6186    apply (rule "∃I")
6187    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6188qed
6189
6190end
6191
6192AOT_theorem "eqnotnec:4": FG(x([F]x  [G]x) & ¬x([F]x  [G]x))
6193proof(rule GEN)
6194  fix F
6195  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
6196  proof(rule "→I"; rule GEN)
6197    AOT_modally_strict {
6198    fix x
6199    AOT_assume 0: ψ
6200    AOT_have z [F]z & ψ]x  [F]x & ψ
6201      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6202    also AOT_have ...  [F]x
6203      apply (rule "≡I"; rule "→I")
6204      using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6205      apply blast
6206      using 0 "&I" by blast
6207    finally AOT_show [F]x  z [F]z & ψ]x
6208      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6209    }
6210  qed
6211
6212  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
6213  proof (rule "→I"; rule GEN)
6214    AOT_modally_strict {
6215      fix x
6216      AOT_assume 0: ψ
6217      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
6218        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6219      also AOT_have ...  [F]x
6220        apply (rule "≡I"; rule "→I")
6221        using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0]
6222              "&E"
6223         apply blast
6224        apply (rule "∨I"(1)) using 0 "&I" by blast
6225      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
6226        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6227    }
6228  qed
6229
6230  AOT_have Aux_C:
6231     ¬ψ  ¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
6232  proof(rule "RM◇"; rule "→I"; rule "raa-cor:2")
6233  AOT_modally_strict {
6234      AOT_assume 0: ¬ψ
6235      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
6236      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6237        using "∀E" by blast
6238      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
6239          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6240      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
6241        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6242      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
6243        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
6244      moreover AOT_have (([F]z & ψ)  ¬ψ) for z using 0 "∨I" by blast
6245      ultimately AOT_have ψ using "≡E" "&E" by metis
6246      AOT_thus ψ & ¬ψ using 0 "&I" by blast
6247    }
6248  qed
6249
6250  AOT_have Aux_D: z ([F]z  z [F]z & ψ]z) 
6251      (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6252       ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6253  proof (rule "→I")
6254    AOT_assume A: z([F]z  z [F]z & ψ]z)
6255    AOT_show ¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6256              ¬x ([F]x  z [F]z & ψ  ¬ψ]x)
6257    proof(rule "≡I"; rule "KBasic:13"[THEN "→E"];
6258          rule "RN[prem]"[where Γ="{«z([F]z  z [F]z & ψ]z)»}", simplified];
6259          (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
6260      AOT_modally_strict {
6261        AOT_assume z ([F]z  z [F]z & ψ]z)
6262        AOT_hence 1: [F]z  z [F]z & ψ]z for z
6263          using "∀E" by blast
6264        AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
6265        AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z
6266          using "∀E" by blast
6267        AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6268          using "≡E" 1 2 by meson
6269        AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6270          by (rule GEN)
6271      }
6272    next
6273      AOT_modally_strict {
6274        AOT_assume z ([F]z  z [F]z & ψ]z)
6275        AOT_hence 1: [F]z  z [F]z & ψ]z for z
6276          using "∀E" by blast
6277        AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6278        AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6279          using "∀E" by blast
6280        AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z
6281          using 1 2 "≡E" by meson
6282        AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x)
6283          by (rule GEN)
6284      }
6285    qed(auto simp: A)
6286  qed
6287
6288  AOT_obtain p1 where p1_prop: p1 & ¬p1
6289    using "cont-tf-thm:1" "∃E"[rotated]
6290          "cont-tf:1"[THEN "≡dfE"] by blast
6291  {
6292    AOT_assume 1: x([F]x  z [F]z & p1]x)
6293    AOT_have 2: x([F]x  z [F]z & p1  ¬p1]x)
6294      using Aux_B[THEN "→E", OF p1_prop[THEN "&E"(1)]].
6295    AOT_have ¬x(z [F]z & p1]x  z [F]z & p1  ¬p1]x)
6296      using Aux_C[THEN "→E", OF p1_prop[THEN "&E"(2)]].
6297    AOT_hence 3: ¬x([F]x  z [F]z & p1  ¬p1]x)
6298      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
6299    AOT_hence x([F]x  z [F]z & p1  ¬p1]x) &
6300               ¬x([F]x  z [F]z & p1  ¬p1]x)
6301      using 2 "&I" by blast
6302    AOT_hence G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
6303      by (rule "∃I"(1)) "cqt:2[lambda]"
6304  }
6305  moreover {
6306    AOT_assume 2: ¬x([F]x  z [F]z & p1]x)
6307    AOT_hence ¬x([F]x  z [F]z & p1]x)
6308      using "KBasic:11"[THEN "≡E"(1)] by blast
6309    AOT_hence x ([F]x  z [F]z & p1]x) & ¬x([F]x  z [F]z & p1]x)
6310      using Aux_A[THEN "→E", OF p1_prop[THEN "&E"(1)]] "&I" by blast
6311    AOT_hence G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
6312      by (rule "∃I"(1)) "cqt:2[lambda]"
6313  }
6314  ultimately AOT_show G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
6315    using "∨E"(1)[OF "exc-mid"] "→I" by blast
6316qed
6317
6318AOT_theorem "eqnotnec:5": FG(¬x([F]x  [G]x) & x([F]x  [G]x))
6319proof(rule GEN)
6320  fix F
6321  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
6322  proof(rule "RM◇"; rule "→I"; rule GEN)
6323    AOT_modally_strict {
6324    fix x
6325    AOT_assume 0: ψ
6326    AOT_have z [F]z & ψ]x  [F]x & ψ
6327      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6328    also AOT_have ...  [F]x
6329      apply (rule "≡I"; rule "→I")
6330      using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6331       apply blast
6332      using 0 "&I" by blast
6333    finally AOT_show [F]x  z [F]z & ψ]x
6334      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6335    }
6336  qed
6337
6338  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
6339  proof (rule "RM◇"; rule "→I"; rule GEN)
6340    AOT_modally_strict {
6341      fix x
6342      AOT_assume 0: ψ
6343      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
6344        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6345      also AOT_have ...  [F]x
6346        apply (rule "≡I"; rule "→I")
6347        using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6348         apply blast
6349        apply (rule "∨I"(1)) using 0 "&I" by blast
6350      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
6351        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6352    }
6353  qed
6354
6355  AOT_have Aux_C:  ¬ψ  ¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
6356  proof(rule "→I"; rule "raa-cor:2")
6357  AOT_modally_strict {
6358      AOT_assume 0: ¬ψ
6359      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
6360      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6361        using "∀E" by blast
6362      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
6363          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6364      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
6365        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6366      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
6367        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
6368      moreover AOT_have (([F]z & ψ)  ¬ψ) for z
6369        using 0 "∨I" by blast
6370      ultimately AOT_have ψ using "≡E" "&E" by metis
6371      AOT_thus ψ & ¬ψ using 0 "&I" by blast
6372    }
6373  qed
6374
6375  AOT_have Aux_D: z ([F]z  z [F]z & ψ]z) 
6376    (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6377     ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6378  proof (rule "→I"; rule "≡I";
6379         (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
6380    AOT_modally_strict {
6381      AOT_assume z ([F]z  z [F]z & ψ]z)
6382      AOT_hence 1: [F]z  z [F]z & ψ]z for z
6383        using "∀E" by blast
6384      AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
6385      AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z
6386        using "∀E" by blast
6387      AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6388        using "≡E" 1 2 by meson
6389      AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6390        by (rule GEN)
6391    }
6392  next
6393    AOT_modally_strict {
6394      AOT_assume z ([F]z  z [F]z & ψ]z)
6395      AOT_hence 1: [F]z  z [F]z & ψ]z for z
6396        using "∀E" by blast
6397      AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6398      AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6399        using "∀E" by blast
6400      AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z
6401        using 1 2 "≡E" by meson
6402      AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x)
6403        by (rule GEN)
6404    }
6405  qed
6406
6407  AOT_obtain p1 where p1_prop: ¬p1 & p1
6408    using "cont-tf-thm:2" "∃E"[rotated] "cont-tf:2"[THEN "≡dfE"] by blast
6409  {
6410    AOT_assume 1: x([F]x  z [F]z & p1]x)
6411    AOT_have 2: x([F]x  z [F]z & p1  ¬p1]x)
6412      using Aux_B[THEN "→E", OF p1_prop[THEN "&E"(2)]].
6413    AOT_have ¬x(z [F]z & p1]x  z [F]z & p1  ¬p1]x)
6414      using Aux_C[THEN "→E", OF p1_prop[THEN "&E"(1)]].
6415    AOT_hence 3: ¬x([F]x  z [F]z & p1  ¬p1]x)
6416      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
6417    AOT_hence ¬x([F]x  z [F]z & p1  ¬p1]x) &
6418               x([F]x  z [F]z & p1  ¬p1]x)
6419      using 2 "&I" by blast
6420    AOT_hence G (¬x ([F]x  [G]x) & x([F]x  [G]x))
6421      by (rule "∃I"(1)) "cqt:2[lambda]"
6422  }
6423  moreover {
6424    AOT_assume 2: ¬x([F]x  z [F]z & p1]x)
6425    AOT_hence ¬x([F]x  z [F]z & p1]x)
6426      using "KBasic:11"[THEN "≡E"(1)] by blast
6427    AOT_hence ¬x ([F]x  z [F]z & p1]x) &
6428               x([F]x  z [F]z & p1]x)
6429      using Aux_A[THEN "→E", OF p1_prop[THEN "&E"(2)]] "&I" by blast
6430    AOT_hence G (¬x ([F]x  [G]x) & x([F]x  [G]x))
6431      by (rule "∃I"(1)) "cqt:2[lambda]"
6432  }
6433  ultimately AOT_show G (¬x ([F]x  [G]x) & x([F]x  [G]x))
6434    using "∨E"(1)[OF "exc-mid"] "→I" by blast
6435qed
6436
6437AOT_theorem "eqnotnec:6": FG(𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
6438proof(rule GEN)
6439  fix F
6440  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
6441  proof(rule "RM◇"; rule "→I"; rule GEN)
6442    AOT_modally_strict {
6443    fix x
6444    AOT_assume 0: ψ
6445    AOT_have z [F]z & ψ]x  [F]x & ψ
6446      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6447    also AOT_have ...  [F]x
6448      apply (rule "≡I"; rule "→I")
6449      using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0]
6450            "&E"
6451       apply blast
6452      using 0 "&I" by blast
6453    finally AOT_show [F]x  z [F]z & ψ]x
6454      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6455    }
6456  qed
6457
6458  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
6459  proof (rule "RM◇"; rule "→I"; rule GEN)
6460    AOT_modally_strict {
6461      fix x
6462      AOT_assume 0: ψ
6463      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
6464        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6465      also AOT_have ...  [F]x
6466        apply (rule "≡I"; rule "→I")
6467        using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6468         apply blast
6469        apply (rule "∨I"(1)) using 0 "&I" by blast
6470      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
6471        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6472    }
6473  qed
6474
6475  AOT_have Aux_C:
6476     𝒜¬ψ  𝒜¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
6477  proof(rule "act-cond"[THEN "→E"]; rule "RA[2]"; rule "→I"; rule "raa-cor:2")
6478  AOT_modally_strict {
6479      AOT_assume 0: ¬ψ
6480      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
6481      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6482        using "∀E" by blast
6483      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
6484          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6485      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
6486        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6487      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
6488        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
6489      moreover AOT_have (([F]z & ψ)  ¬ψ) for z
6490        using 0 "∨I" by blast
6491      ultimately AOT_have ψ using "≡E" "&E" by metis
6492      AOT_thus ψ & ¬ψ using 0 "&I" by blast
6493    }
6494  qed
6495
6496  AOT_have (z ([F]z  z [F]z & ψ]z) 
6497    (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6498     ¬x ([F]x  z [F]z & ψ  ¬ψ]x))) for ψ
6499  proof (rule RN; rule "→I")
6500    AOT_modally_strict {
6501        AOT_assume z ([F]z  z [F]z & ψ]z)
6502        AOT_thus ¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6503                  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)
6504          apply -
6505        proof(rule "≡I"; (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
6506          AOT_assume z ([F]z  z [F]z & ψ]z)
6507          AOT_hence 1: [F]z  z [F]z & ψ]z for z
6508            using "∀E" by blast
6509          AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
6510          AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z
6511            using "∀E" by blast
6512          AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6513            using "≡E" 1 2 by meson
6514          AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6515            by (rule GEN)
6516        next
6517            AOT_assume z ([F]z  z [F]z & ψ]z)
6518            AOT_hence 1: [F]z  z [F]z & ψ]z for z
6519              using "∀E" by blast
6520            AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6521            AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6522              using "∀E" by blast
6523            AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z
6524              using 1 2 "≡E" by meson
6525            AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x)
6526              by (rule GEN)
6527        qed
6528    }
6529  qed
6530  AOT_hence 𝒜(z ([F]z  z [F]z & ψ]z) 
6531    (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6532     ¬x ([F]x  z [F]z & ψ  ¬ψ]x))) for ψ
6533    using "nec-imp-act"[THEN "→E"] by blast
6534  AOT_hence 𝒜z ([F]z  z [F]z & ψ]z) 
6535    𝒜(¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6536    ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6537    using "act-cond"[THEN "→E"] by blast
6538  AOT_hence Aux_D: 𝒜z ([F]z  z [F]z & ψ]z) 
6539    (𝒜¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6540     𝒜¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6541    by (auto intro!: "→I" "Act-Basic:5"[THEN "≡E"(1)] dest!: "→E")
6542
6543  AOT_have ¬𝒜q0
6544    apply (rule "=dfI"(2)[OF q0_def])
6545     apply (fact "log-prop-prop:2")
6546    by (fact AOT)
6547  AOT_hence q0_prop_1: 𝒜¬q0
6548    using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
6549  {
6550    AOT_assume 1: 𝒜x([F]x  z [F]z & q0]x)
6551    AOT_have 2: x([F]x  z [F]z & q0  ¬q0]x)
6552      using Aux_B[THEN "→E", OF q0_prop[THEN "&E"(1)]].
6553    AOT_have 𝒜¬x(z [F]z & q0]x  z [F]z & q0  ¬q0]x)
6554      using Aux_C[THEN "→E", OF q0_prop_1].
6555    AOT_hence 3: 𝒜¬x([F]x  z [F]z & q0  ¬q0]x)
6556      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
6557    AOT_hence 𝒜¬x([F]x  z [F]z & q0  ¬q0]x) &
6558               x([F]x  z [F]z & q0  ¬q0]x)
6559      using 2 "&I" by blast
6560    AOT_hence G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
6561      by (rule "∃I"(1)) "cqt:2[lambda]"
6562  }
6563  moreover {
6564    AOT_assume 2: ¬𝒜x([F]x  z [F]z & q0]x)
6565    AOT_hence 𝒜¬x([F]x  z [F]z & q0]x)
6566      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
6567    AOT_hence 𝒜¬x ([F]x  z [F]z & q0]x) & x([F]x  z [F]z & q0]x)
6568      using Aux_A[THEN "→E", OF q0_prop[THEN "&E"(1)]] "&I" by blast
6569    AOT_hence G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
6570      by (rule "∃I"(1)) "cqt:2[lambda]"
6571  }
6572  ultimately AOT_show G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
6573    using "∨E"(1)[OF "exc-mid"] "→I" by blast
6574qed
6575
6576AOT_theorem "oa-contingent:1": O!  A!
6577proof(rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
6578  fix x
6579  AOT_assume 1: O! = A!
6580  AOT_hence x E!x] = A!
6581    by (rule "=dfE"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
6582  AOT_hence x E!x] = x ¬E!x]
6583    by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
6584  moreover AOT_have x E!x]x  E!x
6585    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6586  ultimately AOT_have x ¬E!x]x  E!x
6587    using "rule=E" by fast
6588  moreover AOT_have x ¬E!x]x  ¬E!x
6589    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6590  ultimately AOT_have E!x  ¬E!x
6591    using "≡E"(6) "Commutativity of ≡"[THEN "≡E"(1)] by blast
6592  AOT_thus "(E!x  ¬E!x) & ¬(E!x  ¬E!x)"
6593    using "oth-class-taut:3:c" "&I" by blast
6594qed
6595
6596AOT_theorem "oa-contingent:2": O!x  ¬A!x
6597proof -
6598  AOT_have O!x  x E!x]x
6599    apply (rule "≡I"; rule "→I")
6600     apply (rule "=dfE"(2)[OF AOT_ordinary])
6601      apply "cqt:2[lambda]"
6602     apply argo
6603    apply (rule  "=dfI"(2)[OF AOT_ordinary])
6604     apply "cqt:2[lambda]"
6605    by argo
6606  also AOT_have   E!x
6607    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6608  also AOT_have   ¬¬E!x
6609    using "oth-class-taut:3:b".
6610  also AOT_have   ¬x ¬E!x]x
6611    by (rule "beta-C-meta"[THEN "→E",
6612              THEN "oth-class-taut:4:b"[THEN "≡E"(1)], symmetric])
6613       "cqt:2"
6614  also AOT_have   ¬A!x
6615    apply (rule "≡I"; rule "→I")
6616     apply (rule "=dfI"(2)[OF AOT_abstract])
6617      apply "cqt:2[lambda]"
6618     apply argo
6619    apply (rule "=dfE"(2)[OF AOT_abstract])
6620     apply "cqt:2[lambda]"
6621    by argo
6622  finally show ?thesis.
6623qed
6624
6625AOT_theorem "oa-contingent:3": A!x  ¬O!x
6626  by (AOT_subst A!x ¬¬A!x)
6627     (auto simp add: "oth-class-taut:3:b" "oa-contingent:2"[THEN
6628         "oth-class-taut:4:b"[THEN "≡E"(1)], symmetric])
6629
6630AOT_theorem "oa-contingent:4": Contingent(O!)
6631proof (rule "thm-cont-prop:2"[unvarify F, OF "oa-exist:1", THEN "≡E"(2)];
6632       rule "&I")
6633  AOT_have x E!x using "thm-cont-e:3" .
6634  AOT_hence x E!x using "BF◇"[THEN "→E"] by blast
6635  then AOT_obtain a where E!a using "∃E"[rotated] by blast
6636  AOT_hence x E!x]a
6637    by (rule "beta-C-meta"[THEN "→E", THEN "≡E"(2), rotated]) "cqt:2"
6638  AOT_hence O!a
6639    by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2"
6640  AOT_hence x O!x using "∃I" by blast
6641  AOT_thus x O!x using "T◇"[THEN "→E"] by blast
6642next
6643  AOT_obtain a where A!a
6644    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6645  AOT_hence ¬O!a using "oa-contingent:3"[THEN "≡E"(1)] by blast
6646  AOT_hence x ¬O!x using "∃I" by fast
6647  AOT_thus x ¬O!x using "T◇"[THEN "→E"] by blast
6648qed
6649
6650AOT_theorem "oa-contingent:5": Contingent(A!)
6651proof (rule "thm-cont-prop:2"[unvarify F, OF "oa-exist:2", THEN "≡E"(2)];
6652       rule "&I")
6653  AOT_obtain a where A!a
6654    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6655  AOT_hence x A!x using "∃I" by fast
6656  AOT_thus x A!x using "T◇"[THEN "→E"] by blast
6657next
6658  AOT_have x E!x using "thm-cont-e:3" .
6659  AOT_hence x E!x using "BF◇"[THEN "→E"] by blast
6660  then AOT_obtain a where E!a using "∃E"[rotated] by blast
6661  AOT_hence x E!x]a
6662    by (rule "beta-C-meta"[THEN "→E", THEN "≡E"(2), rotated]) "cqt:2[lambda]"
6663  AOT_hence O!a
6664    by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
6665  AOT_hence ¬A!a using "oa-contingent:2"[THEN "≡E"(1)] by blast
6666  AOT_hence x ¬A!x using "∃I" by fast
6667  AOT_thus x ¬A!x using "T◇"[THEN "→E"] by blast
6668qed
6669
6670AOT_theorem "oa-contingent:7": O!-x  ¬A!-x
6671proof -
6672  AOT_have O!x  ¬A!x
6673    using "oa-contingent:2" by blast
6674  also AOT_have   A!-x
6675    using "thm-relation-negation:1"[symmetric, unvarify F, OF "oa-exist:2"].
6676  finally AOT_have 1: O!x  A!-x.
6677
6678  AOT_have A!x  ¬O!x
6679    using "oa-contingent:3" by blast
6680  also AOT_have   O!-x
6681    using "thm-relation-negation:1"[symmetric, unvarify F, OF "oa-exist:1"].
6682  finally AOT_have 2: A!x  O!-x.
6683
6684  AOT_show O!-x  ¬A!-x
6685    using 1[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
6686          "oa-contingent:3"[of _ x] 2[symmetric]
6687          "≡E"(5) by blast
6688qed
6689
6690AOT_theorem "oa-contingent:6": O!-  A!-
6691proof (rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
6692  AOT_assume 1: O!- = A!-
6693  fix x
6694  AOT_have A!-x  O!-x
6695    apply (rule "rule=E"[rotated, OF 1])
6696    by (fact "oth-class-taut:3:a")
6697  AOT_hence A!-x  ¬A!-x
6698    using "oa-contingent:7" "≡E" by fast
6699  AOT_thus (A!-x  ¬A!-x) & ¬(A!-x  ¬A!-x)
6700    using "oth-class-taut:3:c" "&I" by blast
6701qed
6702
6703AOT_theorem "oa-contingent:8": Contingent(O!-)
6704  using "thm-cont-prop:3"[unvarify F, OF "oa-exist:1", THEN "≡E"(1),
6705          OF "oa-contingent:4"].
6706
6707AOT_theorem "oa-contingent:9": Contingent(A!-)
6708  using "thm-cont-prop:3"[unvarify F, OF "oa-exist:2", THEN "≡E"(1),
6709          OF "oa-contingent:5"].
6710
6711AOT_define WeaklyContingent :: ‹Π  φ› (WeaklyContingent'(_'))
6712  "df-cont-nec":
6713  WeaklyContingent([F]) df Contingent([F]) & x ([F]x  [F]x)
6714
6715AOT_theorem "cont-nec-fact1:1":
6716  WeaklyContingent([F])  WeaklyContingent([F]-)
6717proof -
6718  AOT_have WeaklyContingent([F])  Contingent([F]) & x ([F]x  [F]x)
6719    using "df-cont-nec"[THEN "≡Df"] by blast
6720  also AOT_have ...  Contingent([F]-) & x ([F]x  [F]x)
6721    apply (rule "oth-class-taut:8:f"[THEN "≡E"(2)]; rule "→I")
6722    using "thm-cont-prop:3".
6723  also AOT_have   Contingent([F]-) & x ([F]-x  [F]-x)
6724  proof (rule "oth-class-taut:8:e"[THEN "≡E"(2)];
6725         rule "→I"; rule "≡I"; rule "→I"; rule GEN; rule "→I")
6726    fix x
6727    AOT_assume 0: x ([F]x  [F]x)
6728    AOT_assume 1: [F]-x
6729    AOT_have ¬[F]x
6730      by (AOT_subst (reverse) ¬[F]x [F]-x)
6731         (auto simp add: "thm-relation-negation:1" 1)
6732    AOT_hence 2: ¬[F]x
6733      using "KBasic:11"[THEN "≡E"(2)] by blast
6734    AOT_show [F]-x
6735    proof (rule "raa-cor:1")
6736      AOT_assume 3: ¬[F]-x
6737      AOT_have ¬¬[F]x
6738        by (AOT_subst (reverse) ¬[F]x [F]-x)
6739           (auto simp add: "thm-relation-negation:1" 3)
6740      AOT_hence [F]x
6741        using "conventions:5"[THEN "≡dfI"] by simp
6742      AOT_hence [F]x using 0 "∀E" "→E" by fast
6743      AOT_thus [F]x & ¬[F]x using "&I" 2 by blast
6744    qed
6745  next
6746    fix x
6747    AOT_assume 0: x ([F]-x  [F]-x)
6748    AOT_assume 1: [F]x
6749    AOT_have ¬[F]-x
6750      by (AOT_subst ¬[F]-x [F]x)
6751         (auto simp: "thm-relation-negation:2" 1)
6752    AOT_hence 2: ¬[F]-x
6753      using "KBasic:11"[THEN "≡E"(2)] by blast
6754    AOT_show [F]x
6755    proof (rule "raa-cor:1")
6756      AOT_assume 3: ¬[F]x
6757      AOT_have ¬¬[F]-x
6758        by (AOT_subst ¬[F]-x [F]x)
6759           (auto simp add: "thm-relation-negation:2" 3)
6760      AOT_hence [F]-x
6761        using "conventions:5"[THEN "≡dfI"] by simp
6762      AOT_hence [F]-x using 0 "∀E" "→E" by fast
6763      AOT_thus [F]-x & ¬[F]-x using "&I" 2 by blast
6764    qed
6765  qed
6766  also AOT_have   WeaklyContingent([F]-)
6767    using "df-cont-nec"[THEN "≡Df", symmetric] by blast
6768  finally show ?thesis.
6769qed
6770
6771AOT_theorem "cont-nec-fact1:2":
6772  (WeaklyContingent([F]) & ¬WeaklyContingent([G]))  F  G
6773proof (rule "→I"; rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
6774  AOT_assume 1: WeaklyContingent([F]) & ¬WeaklyContingent([G])
6775  AOT_hence WeaklyContingent([F]) using "&E" by blast
6776  moreover AOT_assume F = G
6777  ultimately AOT_have WeaklyContingent([G])
6778    using "rule=E" by blast
6779  AOT_thus WeaklyContingent([G]) & ¬WeaklyContingent([G])
6780    using 1 "&I" "&E" by blast
6781qed
6782
6783AOT_theorem "cont-nec-fact2:1": WeaklyContingent(O!)
6784proof (rule "df-cont-nec"[THEN "≡dfI"]; rule "&I")
6785  AOT_show Contingent(O!)
6786    using "oa-contingent:4".
6787next
6788  AOT_show x ([O!]x  [O!]x)
6789    apply (rule GEN; rule "→I")
6790    using "oa-facts:5"[THEN "≡E"(1)] by blast
6791qed
6792
6793
6794AOT_theorem "cont-nec-fact2:2": WeaklyContingent(A!)
6795proof (rule "df-cont-nec"[THEN "≡dfI"]; rule "&I")
6796  AOT_show Contingent(A!)
6797    using "oa-contingent:5".
6798next
6799  AOT_show x ([A!]x  [A!]x)
6800    apply (rule GEN; rule "→I")
6801    using "oa-facts:6"[THEN "≡E"(1)] by blast
6802qed
6803
6804AOT_theorem "cont-nec-fact2:3": ¬WeaklyContingent(E!)
6805proof (rule "df-cont-nec"[THEN "≡Df",
6806                          THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6807                          THEN "≡E"(2)];
6808       rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(2); rule "raa-cor:2")
6809  AOT_have x (E!x & ¬𝒜E!x) using "qml:4"[axiom_inst].
6810  AOT_hence x (E!x & ¬𝒜E!x) using "BF◇"[THEN "→E"] by blast
6811  then AOT_obtain a where (E!a & ¬𝒜E!a) using "∃E"[rotated] by blast
6812  AOT_hence 1: E!a & ¬𝒜E!a using "KBasic2:3"[THEN "→E"] by simp
6813  moreover AOT_assume x ([E!]x  [E!]x)
6814  ultimately AOT_have E!a using "&E" "∀E" "→E" by fast
6815  AOT_hence 𝒜E!a using "nec-imp-act"[THEN "→E"] by blast
6816  AOT_hence 𝒜E!a using "qml-act:1"[axiom_inst, THEN "→E"] by blast
6817  moreover AOT_have ¬𝒜E!a
6818    using "KBasic:11"[THEN "≡E"(2)] 1[THEN "&E"(2)] by meson
6819  ultimately AOT_have 𝒜E!a & ¬𝒜E!a using "&I" by blast
6820  AOT_thus p & ¬p for p using "raa-cor:1" by blast
6821qed
6822
6823AOT_theorem "cont-nec-fact2:4": ¬WeaklyContingent(L)
6824  apply (rule "df-cont-nec"[THEN "≡Df",
6825                            THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6826                            THEN "≡E"(2)];
6827       rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(1))
6828  apply (rule "contingent-properties:4"
6829                [THEN "≡Df",
6830                 THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6831                 THEN "≡E"(2)])
6832  apply (rule DeMorgan(1)[THEN "≡E"(2)];
6833         rule "∨I"(2);
6834         rule "useful-tautologies:2"[THEN "→E"])
6835  using "thm-noncont-e-e:3"[THEN "contingent-properties:3"[THEN "≡dfE"]].
6836
6837AOT_theorem "cont-nec-fact2:5": O!  E! & O!  E!- & O!  L & O!  L-
6838proof -
6839  AOT_have 1: L
6840    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6841  {
6842    fix φ and Π Π' :: <κ>
6843    AOT_have A: ¬(φ{Π'}  φ{Π}) if  φ{Π} and ¬φ{Π'}
6844    proof (rule "raa-cor:2")
6845      AOT_assume φ{Π'}  φ{Π}
6846      AOT_hence φ{Π'} using that(1) "≡E" by blast
6847      AOT_thus φ{Π'} & ¬φ{Π'} using that(2) "&I" by blast
6848    qed
6849    AOT_have Π'  Π if Π and Π' and φ{Π} and ¬φ{Π'}
6850      using "pos-not-equiv-ne:4"[unvarify F G, THEN "→E",
6851                                 OF that(1,2), OF A[OF that(3, 4)]].
6852  } note 0 = this
6853  show ?thesis
6854    apply(safe intro!: "&I"; rule 0)
6855    apply "cqt:2"
6856    using "oa-exist:1" apply blast
6857    using "cont-nec-fact2:3" apply fast
6858    apply (rule "useful-tautologies:2"[THEN "→E"])
6859    using "cont-nec-fact2:1" apply fast
6860    using "rel-neg-T:3" apply fast
6861    using "oa-exist:1" apply blast
6862    using "cont-nec-fact1:1"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6863            THEN "≡E"(1), rotated, OF "cont-nec-fact2:3"] apply fast
6864    apply (rule "useful-tautologies:2"[THEN "→E"])
6865    using "cont-nec-fact2:1" apply blast
6866    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6867    using "oa-exist:1" apply fast
6868    using "cont-nec-fact2:4" apply fast
6869    apply (rule "useful-tautologies:2"[THEN "→E"])
6870    using "cont-nec-fact2:1" apply fast
6871    using "rel-neg-T:3" apply fast
6872    using "oa-exist:1" apply fast
6873     apply (rule "cont-nec-fact1:1"[unvarify F,
6874                    THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6875                    THEN "≡E"(1), rotated, OF "cont-nec-fact2:4"])
6876    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6877    apply (rule "useful-tautologies:2"[THEN "→E"])
6878    using "cont-nec-fact2:1" by blast
6879qed
6880
6881AOT_theorem "cont-nec-fact2:6": A!  E! & A!  E!- & A!  L & A!  L-
6882proof -
6883  AOT_have 1: L
6884    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6885  {
6886    fix φ and Π Π' :: <κ>
6887    AOT_have A: ¬(φ{Π'}  φ{Π}) if  φ{Π} and ¬φ{Π'}
6888    proof (rule "raa-cor:2")
6889      AOT_assume φ{Π'}  φ{Π}
6890      AOT_hence φ{Π'} using that(1) "≡E" by blast
6891      AOT_thus φ{Π'} & ¬φ{Π'} using that(2) "&I" by blast
6892    qed
6893    AOT_have Π'  Π if Π and Π' and φ{Π} and ¬φ{Π'}
6894      using "pos-not-equiv-ne:4"[unvarify F G, THEN "→E",
6895              OF that(1,2), OF A[OF that(3, 4)]].
6896  } note 0 = this
6897  show ?thesis
6898    apply(safe intro!: "&I"; rule 0)
6899    apply "cqt:2"
6900    using "oa-exist:2" apply blast
6901    using "cont-nec-fact2:3" apply fast
6902    apply (rule "useful-tautologies:2"[THEN "→E"])
6903    using "cont-nec-fact2:2" apply fast
6904    using "rel-neg-T:3" apply fast
6905    using "oa-exist:2" apply blast
6906    using "cont-nec-fact1:1"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6907            THEN "≡E"(1), rotated, OF "cont-nec-fact2:3"] apply fast
6908    apply (rule "useful-tautologies:2"[THEN "→E"])
6909    using "cont-nec-fact2:2" apply blast
6910    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6911    using "oa-exist:2" apply fast
6912    using "cont-nec-fact2:4" apply fast
6913    apply (rule "useful-tautologies:2"[THEN "→E"])
6914    using "cont-nec-fact2:2" apply fast
6915    using "rel-neg-T:3" apply fast
6916    using "oa-exist:2" apply fast
6917     apply (rule "cont-nec-fact1:1"[unvarify F,
6918              THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6919              THEN "≡E"(1), rotated, OF "cont-nec-fact2:4"])
6920     apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6921    apply (rule "useful-tautologies:2"[THEN "→E"])
6922    using "cont-nec-fact2:2" by blast
6923qed
6924
6925AOT_define necessary_or_contingently_false :: ‹φ  φ› ("Δ_" [49] 54)
6926  Δp df p  (¬𝒜p & p)
6927
6928AOT_theorem sixteen:
6929 shows F1F2F3F4F5F6F7F8F9F10F11F12F13F14F15F16 (
6930  «F1::<κ>»  F2 & F1  F3 & F1  F4 & F1  F5 & F1  F6 & F1  F7 &
6931    F1  F8 & F1  F9 & F1  F10 & F1  F11 & F1  F12 & F1  F13 &
6932    F1  F14 & F1  F15 & F1  F16 &
6933  F2  F3 & F2  F4 & F2  F5 & F2  F6 & F2  F7 & F2  F8 &
6934    F2  F9 & F2  F10 & F2  F11 & F2  F12 & F2  F13 & F2  F14 &
6935    F2  F15 & F2  F16 &
6936  F3  F4 & F3  F5 & F3  F6 & F3  F7 & F3  F8 & F3  F9 & F3  F10 &
6937    F3  F11 & F3  F12 & F3  F13 & F3  F14 & F3  F15 & F3  F16 &
6938  F4  F5 & F4  F6 & F4  F7 & F4  F8 & F4  F9 & F4  F10 & F4  F11 &
6939    F4  F12 & F4  F13 & F4  F14 & F4  F15 & F4  F16 &
6940  F5  F6 & F5  F7 & F5  F8 & F5  F9 & F5  F10 & F5  F11 & F5  F12 &
6941    F5  F13 & F5  F14 & F5  F15 & F5  F16 &
6942  F6  F7 & F6  F8 & F6  F9 & F6  F10 & F6  F11 & F6  F12 & F6  F13 &
6943    F6  F14 & F6  F15 & F6  F16 &
6944  F7  F8 & F7  F9 & F7  F10 & F7  F11 & F7  F12 & F7  F13 & F7  F14 &
6945    F7  F15 & F7  F16 &
6946  F8  F9 & F8  F10 & F8  F11 & F8  F12 & F8  F13 & F8  F14 & F8  F15 &
6947    F8  F16 &
6948  F9  F10 & F9  F11 & F9  F12 & F9  F13 & F9  F14 & F9  F15 & F9  F16 &
6949  F10  F11 & F10  F12 & F10  F13 & F10  F14 & F10  F15 & F10  F16 &
6950  F11  F12 & F11  F13 & F11  F14 & F11  F15 & F11  F16 &
6951  F12  F13 & F12  F14 & F12  F15 & F12  F16 &
6952  F13  F14 & F13  F15 & F13  F16 &
6953  F14  F15 & F14  F16 &
6954  F15  F16) 
6955proof -
6956  AOT_have Delta_pos: Δφ  φ for φ
6957  proof(rule "→I")
6958    AOT_assume Δφ
6959    AOT_hence φ  (¬𝒜φ & φ)
6960      using "≡dfE"[OF necessary_or_contingently_false] by blast
6961    moreover {
6962      AOT_assume φ
6963      AOT_hence φ
6964        by (metis "B◇" "T◇" "vdash-properties:10")
6965    }
6966    moreover {
6967      AOT_assume ¬𝒜φ & φ
6968      AOT_hence φ
6969        using "&E" by blast
6970    }
6971    ultimately AOT_show φ
6972      by (metis "∨E"(2) "raa-cor:1") 
6973  qed
6974
6975  AOT_have act_and_not_nec_not_delta: ¬Δφ if 𝒜φ and ¬φ for φ
6976    using "≡dfE" "&E"(1) "∨E"(2) necessary_or_contingently_false
6977          "raa-cor:3" that(1,2) by blast
6978  AOT_have act_and_pos_not_not_delta: ¬Δφ if 𝒜φ and ¬φ for φ
6979    using "KBasic:11" act_and_not_nec_not_delta "≡E"(2) that(1,2) by blast
6980  AOT_have impossible_delta: ¬Δφ if ¬φ for φ
6981    using Delta_pos "modus-tollens:1" that by blast
6982  AOT_have not_act_and_pos_delta: Δφ if ¬𝒜φ and φ for φ
6983    by (meson "≡dfI" "&I" "∨I"(2) necessary_or_contingently_false that(1,2))
6984  AOT_have nec_delta: Δφ if φ for φ
6985    using "≡dfI" "∨I"(1) necessary_or_contingently_false that by blast
6986
6987  AOT_obtain a where a_prop: A!a
6988    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6989  AOT_obtain b where b_prop: [E!]b & ¬𝒜[E!]b
6990    using "pos-not-pna:3" using "∃E"[rotated] by blast
6991
6992  AOT_have b_ord: [O!]b
6993  proof(rule "=dfI"(2)[OF AOT_ordinary])
6994    AOT_show x [E!]x] by "cqt:2[lambda]"
6995  next
6996    AOT_show x [E!]x]b
6997    proof (rule "β←C"(1); ("cqt:2[lambda]")?)
6998      AOT_show b by (rule "cqt:2[const_var]"[axiom_inst])
6999      AOT_show [E!]b by (fact b_prop[THEN "&E"(1)])
7000    qed
7001  qed
7002
7003  AOT_have nec_not_L_neg: ¬[L-]x for x
7004    using "thm-noncont-e-e:2" "contingent-properties:2"[THEN "≡dfE"] "&E"
7005          CBF[THEN "→E"] "∀E" by blast
7006  AOT_have nec_L: [L]x for x
7007    using "thm-noncont-e-e:1" "contingent-properties:1"[THEN "≡dfE"]
7008      CBF[THEN "→E"] "∀E" by blast
7009
7010  AOT_have act_ord_b: 𝒜[O!]b
7011    using b_ord "≡E"(1) "oa-facts:7" by blast
7012  AOT_have delta_ord_b: Δ[O!]b
7013    by (meson "≡dfI" b_ord "∨I"(1) necessary_or_contingently_false
7014              "oa-facts:1" "→E")
7015  AOT_have not_act_ord_a: ¬𝒜[O!]a
7016    by (meson a_prop "≡E"(1) "≡E"(3) "oa-contingent:3" "oa-facts:7")
7017  AOT_have not_delta_ord_a: ¬Δ[O!]a
7018    by (metis Delta_pos "≡E"(4) not_act_ord_a "oa-facts:3" "oa-facts:7"
7019              "reductio-aa:1" "→E")
7020
7021  AOT_have not_act_abs_b: ¬𝒜[A!]b
7022    by (meson b_ord "≡E"(1) "≡E"(3) "oa-contingent:2" "oa-facts:8")
7023  AOT_have not_delta_abs_b: ¬Δ[A!]b
7024  proof(rule "raa-cor:2")
7025    AOT_assume Δ[A!]b
7026    AOT_hence [A!]b
7027      by (metis Delta_pos "vdash-properties:10")
7028    AOT_thus [A!]b & ¬[A!]b
7029      by (metis b_ord "&I" "≡E"(1) "oa-contingent:2"
7030                "oa-facts:4" "→E")
7031  qed
7032  AOT_have act_abs_a: 𝒜[A!]a
7033    using a_prop "≡E"(1) "oa-facts:8" by blast
7034  AOT_have delta_abs_a: Δ[A!]a
7035    by (metis "≡dfI" a_prop "oa-facts:2" "→E" "∨I"(1)
7036              necessary_or_contingently_false)
7037
7038  AOT_have not_act_concrete_b: ¬𝒜[E!]b
7039    using b_prop "&E"(2) by blast
7040  AOT_have delta_concrete_b: Δ[E!]b
7041  proof (rule "≡dfI"[OF necessary_or_contingently_false];
7042         rule "∨I"(2); rule "&I")
7043    AOT_show ¬𝒜[E!]b using b_prop "&E"(2) by blast
7044  next
7045    AOT_show [E!]b using b_prop "&E"(1) by blast
7046  qed
7047  AOT_have not_act_concrete_a: ¬𝒜[E!]a
7048  proof (rule "raa-cor:2")
7049    AOT_assume 𝒜[E!]a
7050    AOT_hence 1: [E!]a by (metis "Act-Sub:3" "→E")
7051    AOT_have [A!]a by (simp add: a_prop)
7052    AOT_hence x ¬[E!]x]a
7053      by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2"
7054    AOT_hence ¬[E!]a using "β→C"(1) by blast
7055    AOT_thus [E!]a & ¬[E!]a using 1 "&I" by blast
7056  qed
7057  AOT_have not_delta_concrete_a: ¬Δ[E!]a
7058  proof (rule "raa-cor:2")
7059    AOT_assume Δ[E!]a
7060    AOT_hence 1: [E!]a by (metis Delta_pos "vdash-properties:10")
7061    AOT_have [A!]a by (simp add: a_prop)
7062    AOT_hence x ¬[E!]x]a
7063      by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
7064    AOT_hence ¬[E!]a using "β→C"(1) by blast
7065    AOT_thus [E!]a & ¬[E!]a using 1 "&I" by blast
7066  qed
7067
7068  AOT_have not_act_q_zero: ¬𝒜q0
7069    by (meson "log-prop-prop:2" "pos-not-pna:1"
7070              q0_def "reductio-aa:1" "rule-id-df:2:a[zero]")
7071  AOT_have delta_q_zero: Δq0
7072  proof(rule "≡dfI"[OF necessary_or_contingently_false];
7073        rule "∨I"(2); rule "&I")
7074    AOT_show ¬𝒜q0 using not_act_q_zero.
7075    AOT_show q0 by (meson "&E"(1) q0_prop)
7076  qed
7077  AOT_have act_not_q_zero: 𝒜¬q0
7078    using "Act-Basic:1" "∨E"(2) not_act_q_zero by blast
7079  AOT_have not_delta_not_q_zero: ¬Δ¬q0
7080    using "≡dfE" "conventions:5" "Act-Basic:1" act_and_not_nec_not_delta
7081          "&E"(1) "∨E"(2) not_act_q_zero q0_prop by blast
7082
7083  AOT_have [L-] by (simp add: "rel-neg-T:3")
7084  moreover AOT_have ¬𝒜[L-]b & ¬Δ[L-]b & ¬𝒜[L-]a & ¬Δ[L-]a
7085  proof (safe intro!: "&I")
7086    AOT_show ¬𝒜[L-]b
7087      by (meson "≡E"(1) "logic-actual-nec:1"[axiom_inst] "nec-imp-act"
7088                nec_not_L_neg "→E")
7089    AOT_show ¬Δ[L-]b
7090      by (meson Delta_pos "KBasic2:1" "≡E"(1)
7091                "modus-tollens:1" nec_not_L_neg)
7092    AOT_show ¬𝒜[L-]a
7093      by (meson "≡E"(1) "logic-actual-nec:1"[axiom_inst]
7094                "nec-imp-act" nec_not_L_neg "→E")
7095    AOT_show ¬Δ[L-]a
7096      using Delta_pos "KBasic2:1" "≡E"(1) "modus-tollens:1"
7097            nec_not_L_neg by blast
7098  qed
7099  ultimately AOT_obtain F0 where ¬𝒜[F0]b & ¬Δ[F0]b & ¬𝒜[F0]a & ¬Δ[F0]a
7100    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7101  AOT_hence ¬𝒜[F0]b and ¬Δ[F0]b and ¬𝒜[F0]a and ¬Δ[F0]a
7102    using "&E" by blast+
7103  note props = this
7104
7105  let  = "«y [A!]y & q0]»"
7106  AOT_modally_strict {
7107    AOT_have [«»] by "cqt:2[lambda]"
7108  } note 1 = this
7109  moreover AOT_have ¬𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
7110  proof (safe intro!: "&I"; AOT_subst y A!y & q0]x A!x & q0 for: x)
7111    AOT_show ¬𝒜([A!]b & q0)
7112      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_abs_b "raa-cor:3" by blast
7113  next AOT_show ¬Δ([A!]b & q0)
7114      by (metis Delta_pos "KBasic2:3" "&E"(1) "≡E"(4) not_act_abs_b
7115                "oa-facts:4" "oa-facts:8" "raa-cor:3" "→E")
7116  next AOT_show ¬𝒜([A!]a & q0)
7117      using "Act-Basic:2" "&E"(2) "≡E"(1) not_act_q_zero
7118            "raa-cor:3" by blast
7119  next AOT_show Δ([A!]a & q0)
7120    proof (rule not_act_and_pos_delta)
7121      AOT_show ¬𝒜([A!]a & q0)
7122        using "Act-Basic:2" "&E"(2) "≡E"(4) not_act_q_zero
7123              "raa-cor:3" by blast
7124    next AOT_show ([A!]a & q0)
7125        by (metis "&I" "→E" Delta_pos "KBasic:16" "&E"(1) delta_abs_a
7126                  "≡E"(1) "oa-facts:6" q0_prop)
7127    qed
7128  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7129  ultimately AOT_obtain F1 where ¬𝒜[F1]b & ¬Δ[F1]b & ¬𝒜[F1]a & Δ[F1]a
7130    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7131  AOT_hence ¬𝒜[F1]b and ¬Δ[F1]b and ¬𝒜[F1]a and Δ[F1]a
7132    using "&E" by blast+
7133  note props = props this
7134
7135  let  = "«y [A!]y & ¬q0]»"
7136  AOT_modally_strict {
7137    AOT_have [«»] by "cqt:2[lambda]"
7138  } note 1 = this
7139  moreover AOT_have ¬𝒜[«»]b & ¬Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
7140  proof (safe intro!: "&I"; AOT_subst y A!y & ¬q0]x A!x & ¬q0 for: x)
7141    AOT_show ¬𝒜([A!]b & ¬q0)
7142      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_abs_b "raa-cor:3" by blast
7143  next AOT_show ¬Δ([A!]b & ¬q0)
7144      by (meson "RM◇" Delta_pos "Conjunction Simplification"(1) "≡E"(4)
7145                "modus-tollens:1" not_act_abs_b "oa-facts:4" "oa-facts:8")
7146  next AOT_show 𝒜([A!]a & ¬q0)
7147      by (metis "Act-Basic:1" "Act-Basic:2" act_abs_a "&I" "∨E"(2)
7148                "≡E"(3) not_act_q_zero "raa-cor:3")
7149  next AOT_show ¬Δ([A!]a & ¬q0)
7150    proof (rule act_and_not_nec_not_delta)
7151      AOT_show 𝒜([A!]a & ¬q0)
7152        by (metis "Act-Basic:1" "Act-Basic:2" act_abs_a "&I" "∨E"(2)
7153                  "≡E"(3) not_act_q_zero "raa-cor:3")
7154    next
7155      AOT_show ¬([A!]a & ¬q0)
7156        by (metis "KBasic2:1" "KBasic:3" "&E"(1) "&E"(2) "≡E"(4)
7157                  q0_prop "raa-cor:3")
7158    qed
7159  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7160  ultimately AOT_obtain F2 where ¬𝒜[F2]b & ¬Δ[F2]b & 𝒜[F2]a & ¬Δ[F2]a
7161    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7162  AOT_hence ¬𝒜[F2]b and ¬Δ[F2]b and 𝒜[F2]a and ¬Δ[F2]a
7163    using "&E" by blast+
7164  note props = props this
7165
7166  AOT_have abstract_prop: ¬𝒜[A!]b & ¬Δ[A!]b & 𝒜[A!]a & Δ[A!]a
7167    using act_abs_a "&I" delta_abs_a not_act_abs_b not_delta_abs_b
7168    by presburger
7169  then AOT_obtain F3 where ¬𝒜[F3]b & ¬Δ[F3]b & 𝒜[F3]a & Δ[F3]a
7170    using "∃I"(1)[rotated, THEN "∃E"[rotated]] "oa-exist:2" by fastforce
7171  AOT_hence ¬𝒜[F3]b and ¬Δ[F3]b and 𝒜[F3]a and Δ[F3]a
7172    using "&E" by blast+
7173  note props = props this
7174
7175  AOT_have ¬𝒜[E!]b & Δ[E!]b & ¬𝒜[E!]a & ¬Δ[E!]a
7176    by (meson "&I" delta_concrete_b not_act_concrete_a
7177              not_act_concrete_b not_delta_concrete_a)
7178  then AOT_obtain F4 where ¬𝒜[F4]b & Δ[F4]b & ¬𝒜[F4]a & ¬Δ[F4]a
7179    using "∃I"(1)[rotated, THEN "∃E"[rotated]]
7180    by fastforce
7181  AOT_hence ¬𝒜[F4]b and Δ[F4]b and ¬𝒜[F4]a and ¬Δ[F4]a
7182    using "&E" by blast+
7183  note props = props this
7184
7185  AOT_modally_strict {
7186    AOT_have y q0] by "cqt:2[lambda]"
7187  } note 1 = this
7188  moreover AOT_have ¬𝒜y q0]b & Δy q0]b & ¬𝒜y q0]a & Δy q0]a
7189    by (safe intro!: "&I"; AOT_subst y q0]b q0 for: b)
7190       (auto simp: not_act_q_zero delta_q_zero  "beta-C-meta"[THEN "→E", OF 1])
7191  ultimately AOT_obtain F5 where ¬𝒜[F5]b & Δ[F5]b & ¬𝒜[F5]a & Δ[F5]a
7192    using "∃I"(1)[rotated, THEN "∃E"[rotated]]
7193    by fastforce
7194  AOT_hence ¬𝒜[F5]b and Δ[F5]b and ¬𝒜[F5]a and Δ[F5]a
7195    using "&E" by blast+
7196  note props = props this
7197
7198  let  = "«y [E!]y  ([A!]y & ¬q0)]»"
7199  AOT_modally_strict {
7200    AOT_have [«»] by "cqt:2[lambda]"
7201  } note 1 = this
7202  moreover AOT_have ¬𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
7203  proof(safe intro!: "&I";
7204        AOT_subst y E!y  (A!y & ¬q0)]x E!x  (A!x & ¬q0) for: x)
7205    AOT_have 𝒜¬([A!]b & ¬q0)
7206      by (metis "Act-Basic:1" "Act-Basic:2" abstract_prop "&E"(1) "∨E"(2)
7207                "≡E"(1) "raa-cor:3")
7208    moreover AOT_have ¬𝒜[E!]b
7209      using b_prop "&E"(2) by blast
7210    ultimately AOT_have 2: 𝒜(¬[E!]b & ¬([A!]b & ¬q0))
7211      by (metis "Act-Basic:2" "Act-Sub:1" "&I" "≡E"(3) "raa-cor:1")
7212    AOT_have 𝒜¬([E!]b  ([A!]b & ¬q0))
7213      by (AOT_subst ¬([E!]b  ([A!]b & ¬q0)) ¬[E!]b & ¬([A!]b & ¬q0))
7214         (auto simp: "oth-class-taut:5:d" 2)
7215    AOT_thus ¬𝒜([E!]b  ([A!]b & ¬q0))
7216      by (metis "¬¬I" "Act-Sub:1" "≡E"(4))
7217  next
7218    AOT_show Δ([E!]b  ([A!]b & ¬q0))
7219    proof (rule not_act_and_pos_delta)
7220      AOT_show ¬𝒜([E!]b  ([A!]b & ¬q0))
7221        by (metis "Act-Basic:2" "Act-Basic:9" "∨E"(2) "raa-cor:3"
7222                  "Conjunction Simplification"(1) "≡E"(4)
7223                  "modus-tollens:1" not_act_abs_b not_act_concrete_b)
7224    next
7225      AOT_show ([E!]b  ([A!]b & ¬q0))
7226        using "KBasic2:2" b_prop "&E"(1) "∨I"(1) "≡E"(3) "raa-cor:3" by blast
7227    qed
7228  next AOT_show 𝒜([E!]a  ([A!]a & ¬q0))
7229      by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_abs_a "&I"
7230                "∨I"(2) "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:1")
7231  next AOT_show ¬Δ([E!]a  ([A!]a & ¬q0))
7232    proof (rule act_and_not_nec_not_delta)
7233      AOT_show 𝒜([E!]a  ([A!]a & ¬q0))
7234        by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_abs_a "&I"
7235                  "∨I"(2) "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:1")
7236    next
7237      AOT_have ¬[E!]a
7238        by (metis "≡dfI" "conventions:5" "&I" "∨I"(2)
7239                  necessary_or_contingently_false
7240                  not_act_concrete_a not_delta_concrete_a "raa-cor:3")
7241      moreover AOT_have ¬([A!]a & ¬q0)
7242        by (metis "KBasic2:1" "KBasic:11" "KBasic:3"
7243                  "&E"(1,2) "≡E"(1) q0_prop "raa-cor:3")
7244      ultimately AOT_have (¬[E!]a & ¬([A!]a & ¬q0))
7245        by (metis "KBasic:16" "&I" "vdash-properties:10")
7246      AOT_hence ¬([E!]a  ([A!]a & ¬q0))
7247        by (metis "RE◇" "≡E"(2) "oth-class-taut:5:d")
7248      AOT_thus ¬([E!]a  ([A!]a & ¬q0))
7249        by (metis "KBasic:12" "≡E"(1) "raa-cor:3")
7250    qed
7251  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7252  ultimately AOT_obtain F6 where ¬𝒜[F6]b & Δ[F6]b & 𝒜[F6]a & ¬Δ[F6]a
7253    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7254  AOT_hence ¬𝒜[F6]b and Δ[F6]b and 𝒜[F6]a and ¬Δ[F6]a
7255    using "&E" by blast+
7256  note props = props this
7257
7258  let  = "«y [A!]y  [E!]y]»"
7259  AOT_modally_strict {
7260    AOT_have [«»] by "cqt:2[lambda]"
7261  } note 1 = this
7262  moreover AOT_have ¬𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & Δ[«»]a
7263  proof(safe intro!: "&I"; AOT_subst y A!y  E!y]x A!x  E!x for: x)
7264    AOT_show ¬𝒜([A!]b  [E!]b)
7265      using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_abs_b
7266            not_act_concrete_b "raa-cor:3" by blast
7267  next AOT_show Δ([A!]b  [E!]b)
7268    proof (rule not_act_and_pos_delta)
7269      AOT_show ¬𝒜([A!]b  [E!]b)
7270        using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_abs_b
7271              not_act_concrete_b "raa-cor:3" by blast
7272    next AOT_show ([A!]b  [E!]b)
7273        using "KBasic2:2" b_prop "&E"(1) "∨I"(2) "≡E"(2) by blast
7274    qed
7275  next AOT_show 𝒜([A!]a  [E!]a)
7276      by (meson "Act-Basic:9" act_abs_a "∨I"(1) "≡E"(2))
7277  next AOT_show Δ([A!]a  [E!]a)
7278    proof (rule nec_delta)
7279      AOT_show ([A!]a  [E!]a)
7280        by (metis "KBasic:15" act_abs_a act_and_not_nec_not_delta
7281                  "Disjunction Addition"(1) delta_abs_a "raa-cor:3" "→E")
7282    qed
7283  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7284  ultimately AOT_obtain F7 where ¬𝒜[F7]b & Δ[F7]b & 𝒜[F7]a & Δ[F7]a
7285    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7286  AOT_hence ¬𝒜[F7]b and Δ[F7]b and 𝒜[F7]a and Δ[F7]a
7287    using "&E" by blast+
7288  note props = props this
7289
7290  let  = "«y [O!]y & ¬[E!]y]»"
7291  AOT_modally_strict {
7292    AOT_have [«»] by "cqt:2[lambda]"
7293  } note 1 = this
7294  moreover AOT_have 𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & ¬Δ[«»]a
7295  proof(safe intro!: "&I"; AOT_subst y O!y & ¬E!y]x O!x & ¬E!x for: x)
7296    AOT_show 𝒜([O!]b & ¬[E!]b)
7297      by (metis "Act-Basic:1" "Act-Basic:2" act_ord_b "&I" "∨E"(2)
7298                "≡E"(3) not_act_concrete_b "raa-cor:3")
7299  next AOT_show ¬Δ([O!]b & ¬[E!]b)
7300      by (metis (no_types, hide_lams) "conventions:5" "Act-Sub:1" "RM:1"
7301                act_and_not_nec_not_delta "act-conj-act:3"
7302                act_ord_b b_prop "&I" "&E"(1) "Conjunction Simplification"(2)
7303                "df-rules-formulas[3]"
7304                "≡E"(3) "raa-cor:1" "→E")
7305  next AOT_show ¬𝒜([O!]a & ¬[E!]a)
7306      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_ord_a "raa-cor:3" by blast
7307  next AOT_have ¬([O!]a & ¬[E!]a)
7308      by (metis "KBasic2:3" "&E"(1) "≡E"(4) not_act_ord_a "oa-facts:3"
7309                "oa-facts:7" "raa-cor:3" "vdash-properties:10")
7310    AOT_thus ¬Δ([O!]a & ¬[E!]a)
7311      by (rule impossible_delta)
7312  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7313  ultimately AOT_obtain F8 where 𝒜[F8]b & ¬Δ[F8]b & ¬𝒜[F8]a & ¬Δ[F8]a
7314    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7315  AOT_hence 𝒜[F8]b and ¬Δ[F8]b and ¬𝒜[F8]a and ¬Δ[F8]a
7316    using "&E" by blast+
7317  note props = props this
7318
7319  let  = "«y ¬[E!]y & ([O!]y  q0)]»"
7320  AOT_modally_strict {
7321    AOT_have [«»] by "cqt:2[lambda]"
7322  } note 1 = this
7323  moreover AOT_have 𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
7324  proof(safe intro!: "&I";
7325        AOT_subst y ¬E!y & (O!y  q0)]x ¬E!x & (O!x  q0) for: x)
7326    AOT_show 𝒜(¬[E!]b & ([O!]b  q0))
7327      by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_ord_b "&I"
7328                "∨I"(1) "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:1")
7329  next AOT_show ¬Δ(¬[E!]b & ([O!]b  q0))
7330    proof (rule act_and_pos_not_not_delta)
7331      AOT_show 𝒜(¬[E!]b & ([O!]b  q0))
7332        by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_ord_b "&I"
7333                  "∨I"(1) "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:1")
7334    next
7335      AOT_show ¬(¬[E!]b & ([O!]b  q0))
7336      proof (AOT_subst ¬(¬[E!]b & ([O!]b  q0)) [E!]b  ¬([O!]b  q0))
7337        AOT_modally_strict {
7338          AOT_show ¬(¬[E!]b & ([O!]b  q0))  [E!]b  ¬([O!]b  q0)
7339            by (metis "&I" "&E"(1,2) "∨I"(1,2) "∨E"(2)
7340                      "→I" "≡I" "reductio-aa:1")
7341        }
7342      next
7343        AOT_show ([E!]b  ¬([O!]b  q0))
7344          using "KBasic2:2" b_prop "&E"(1) "∨I"(1) "≡E"(3)
7345                "raa-cor:3" by blast
7346       qed
7347     qed
7348   next
7349     AOT_show ¬𝒜(¬[E!]a & ([O!]a  q0))
7350       using "Act-Basic:2" "Act-Basic:9" "&E"(2) "∨E"(3) "≡E"(1)
7351             not_act_ord_a not_act_q_zero "reductio-aa:2" by blast
7352   next
7353     AOT_show Δ(¬[E!]a & ([O!]a  q0))
7354     proof (rule not_act_and_pos_delta)
7355       AOT_show ¬𝒜(¬[E!]a & ([O!]a  q0))
7356         by (metis "Act-Basic:2" "Act-Basic:9" "&E"(2) "∨E"(3) "≡E"(1)
7357                   not_act_ord_a not_act_q_zero "reductio-aa:2")
7358     next
7359       AOT_have ¬[E!]a
7360         using "KBasic2:1" "≡E"(2) not_act_and_pos_delta not_act_concrete_a
7361               not_delta_concrete_a "raa-cor:5" by blast
7362       moreover AOT_have ([O!]a  q0)
7363         by (metis "KBasic2:2" "&E"(1) "∨I"(2) "≡E"(3) q0_prop "raa-cor:3")
7364       ultimately AOT_show (¬[E!]a & ([O!]a  q0))
7365         by (metis "KBasic:16" "&I" "vdash-properties:10")
7366     qed
7367   qed(auto simp:  "beta-C-meta"[THEN "→E", OF 1])
7368  ultimately AOT_obtain F9 where 𝒜[F9]b & ¬Δ[F9]b & ¬𝒜[F9]a & Δ[F9]a
7369    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7370  AOT_hence 𝒜[F9]b and ¬Δ[F9]b and ¬𝒜[F9]a and Δ[F9]a
7371    using "&E" by blast+
7372  note props = props this
7373
7374  AOT_modally_strict {
7375    AOT_have y ¬q0] by "cqt:2[lambda]"
7376  } note 1 = this
7377  moreover AOT_have 𝒜y ¬q0]b & ¬Δy ¬q0]b & 𝒜y ¬q0]a & ¬Δy ¬q0]a
7378    by (safe intro!: "&I"; AOT_subst y ¬q0]x ¬q0 for: x)
7379       (auto simp: act_not_q_zero not_delta_not_q_zero
7380                   "beta-C-meta"[THEN "→E", OF 1])
7381  ultimately AOT_obtain F10 where 𝒜[F10]b & ¬Δ[F10]b & 𝒜[F10]a & ¬Δ[F10]a
7382    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7383  AOT_hence 𝒜[F10]b and ¬Δ[F10]b and 𝒜[F10]a and ¬Δ[F10]a
7384    using "&E" by blast+
7385  note props = props this
7386
7387  AOT_modally_strict {
7388    AOT_have y ¬[E!]y] by "cqt:2[lambda]"
7389  } note 1 = this
7390  moreover AOT_have 𝒜y ¬[E!]y]b & ¬Δy ¬[E!]y]b &
7391                     𝒜y ¬[E!]y]a & Δy ¬[E!]y]a
7392  proof (safe intro!: "&I"; AOT_subst y ¬[E!]y]x ¬[E!]x for: x)
7393    AOT_show 𝒜¬[E!]b
7394      using "Act-Basic:1" "∨E"(2) not_act_concrete_b by blast
7395  next AOT_show ¬Δ¬[E!]b
7396      using "≡dfE" "conventions:5" "Act-Basic:1" act_and_not_nec_not_delta
7397            b_prop "&E"(1) "∨E"(2) not_act_concrete_b by blast
7398  next AOT_show 𝒜¬[E!]a
7399      using "Act-Basic:1" "∨E"(2) not_act_concrete_a by blast
7400  next AOT_show Δ¬[E!]a
7401      using "KBasic2:1" "≡E"(2) nec_delta not_act_and_pos_delta
7402            not_act_concrete_a not_delta_concrete_a "reductio-aa:1"
7403      by blast
7404  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7405  ultimately AOT_obtain F11 where 𝒜[F11]b & ¬Δ[F11]b & 𝒜[F11]a & Δ[F11]a
7406    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7407  AOT_hence 𝒜[F11]b and ¬Δ[F11]b and 𝒜[F11]a and Δ[F11]a
7408    using "&E" by blast+
7409  note props = props this
7410
7411  AOT_have 𝒜[O!]b & Δ[O!]b & ¬𝒜[O!]a & ¬Δ[O!]a
7412    by (simp add: act_ord_b "&I" delta_ord_b not_act_ord_a not_delta_ord_a)
7413  then AOT_obtain F12 where 𝒜[F12]b & Δ[F12]b & ¬𝒜[F12]a & ¬Δ[F12]a
7414    using "oa-exist:1" "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7415  AOT_hence 𝒜[F12]b and Δ[F12]b and ¬𝒜[F12]a and ¬Δ[F12]a
7416    using "&E" by blast+
7417  note props = props this
7418
7419  let  = "«y [O!]y  q0]»"
7420  AOT_modally_strict {
7421    AOT_have [«»] by "cqt:2[lambda]"
7422  } note 1 = this
7423  moreover AOT_have 𝒜[«»]b & Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
7424  proof (safe intro!: "&I"; AOT_subst y O!y  q0]x O!x  q0 for: x)
7425    AOT_show 𝒜([O!]b  q0)
7426      by (meson "Act-Basic:9" act_ord_b "∨I"(1) "≡E"(2))
7427  next AOT_show Δ([O!]b  q0)
7428      by (meson "KBasic:15" b_ord "∨I"(1) nec_delta "oa-facts:1" "→E")
7429  next AOT_show ¬𝒜([O!]a  q0)
7430      using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_ord_a
7431            not_act_q_zero "raa-cor:3" by blast
7432  next AOT_show Δ([O!]a  q0)
7433    proof (rule not_act_and_pos_delta)
7434      AOT_show ¬𝒜([O!]a  q0)
7435        using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_ord_a
7436              not_act_q_zero "raa-cor:3" by blast
7437    next AOT_show ([O!]a  q0)
7438        using "KBasic2:2" "&E"(1) "∨I"(2) "≡E"(2) q0_prop by blast
7439    qed
7440  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7441  ultimately AOT_obtain F13 where 𝒜[F13]b & Δ[F13]b & ¬𝒜[F13]a & Δ[F13]a
7442    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7443  AOT_hence 𝒜[F13]b and Δ[F13]b and ¬𝒜[F13]a and Δ[F13]a
7444    using "&E" by blast+
7445  note props = props this
7446
7447  let  = "«y [O!]y  ¬q0]»"
7448  AOT_modally_strict {
7449     AOT_have [«»] by "cqt:2[lambda]"
7450  } note 1 = this
7451  moreover AOT_have 𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
7452  proof (safe intro!: "&I"; AOT_subst y O!y  ¬q0]x O!x  ¬q0 for: x)
7453    AOT_show 𝒜([O!]b  ¬q0)
7454      by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
7455  next AOT_show Δ([O!]b  ¬q0)
7456      by (meson "KBasic:15" b_ord "∨I"(1) nec_delta "oa-facts:1" "→E")
7457  next AOT_show 𝒜([O!]a  ¬q0)
7458      by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
7459  next AOT_show ¬Δ([O!]a  ¬q0)
7460    proof(rule act_and_pos_not_not_delta)
7461      AOT_show 𝒜([O!]a  ¬q0)
7462        by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
7463    next
7464      AOT_have ¬[O!]a
7465        using "KBasic2:1" "≡E"(2) not_act_and_pos_delta
7466              not_act_ord_a not_delta_ord_a "raa-cor:6" by blast
7467      moreover AOT_have q0
7468        by (meson "&E"(1) q0_prop)
7469      ultimately AOT_have 2: (¬[O!]a & q0)
7470         by (metis "KBasic:16" "&I" "vdash-properties:10")
7471      AOT_show ¬([O!]a  ¬q0)
7472      proof (AOT_subst (reverse) ¬([O!]a  ¬q0) ¬[O!]a & q0)
7473        AOT_modally_strict {
7474          AOT_show ¬[O!]a & q0  ¬([O!]a  ¬q0)
7475            by (metis "&I" "&E"(1) "&E"(2) "∨I"(1) "∨I"(2)
7476                      "∨E"(3) "deduction-theorem" "≡I" "raa-cor:3")
7477        }
7478      next
7479        AOT_show (¬[O!]a & q0)
7480          using "2" by blast
7481      qed
7482    qed
7483  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7484  ultimately AOT_obtain F14 where 𝒜[F14]b & Δ[F14]b & 𝒜[F14]a & ¬Δ[F14]a
7485    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7486  AOT_hence 𝒜[F14]b and Δ[F14]b and 𝒜[F14]a and ¬Δ[F14]a
7487    using "&E" by blast+
7488  note props = props this
7489
7490  AOT_have [L]
7491    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
7492  moreover AOT_have 𝒜[L]b & Δ[L]b & 𝒜[L]a & Δ[L]a
7493  proof (safe intro!: "&I")
7494    AOT_show 𝒜[L]b
7495      by (meson nec_L "nec-imp-act" "vdash-properties:10")
7496    next AOT_show Δ[L]b using nec_L nec_delta by blast
7497    next AOT_show 𝒜[L]a by (meson nec_L "nec-imp-act" "→E")
7498    next AOT_show Δ[L]a using nec_L nec_delta by blast
7499  qed
7500  ultimately AOT_obtain F15 where 𝒜[F15]b & Δ[F15]b & 𝒜[F15]a & Δ[F15]a
7501    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7502  AOT_hence 𝒜[F15]b and Δ[F15]b and 𝒜[F15]a and Δ[F15]a
7503    using "&E" by blast+
7504  note props = props this
7505
7506  show ?thesis
7507    by (rule "∃I"(2)[where β=F0]; rule "∃I"(2)[where β=F1];
7508        rule "∃I"(2)[where β=F2]; rule "∃I"(2)[where β=F3];
7509        rule "∃I"(2)[where β=F4]; rule "∃I"(2)[where β=F5];
7510        rule "∃I"(2)[where β=F6]; rule "∃I"(2)[where β=F7];
7511        rule "∃I"(2)[where β=F8]; rule "∃I"(2)[where β=F9];
7512        rule "∃I"(2)[where β=F10]; rule "∃I"(2)[where β=F11];
7513        rule "∃I"(2)[where β=F12]; rule "∃I"(2)[where β=F13];
7514        rule "∃I"(2)[where β=F14]; rule "∃I"(2)[where β=F15];
7515        safe intro!: "&I")
7516       (match conclusion in "[?v  [F]  [G]]" for F G  7517        match props in A: "[?v  ¬φ{F}]" for φ 7518        match (φ) in "λa . ?p" fail¦ "λa . a" fail¦ _ 7519        match props in B: "[?v  φ{G}]" 7520        fact "pos-not-equiv-ne:4"[where F=F and G=G and φ=φ, THEN "→E",
7521                                OF "oth-class-taut:4:h"[THEN "≡E"(2)],
7522                                OF "Disjunction Addition"(2)[THEN "→E"],
7523                                OF "&I", OF A, OF B]››››)+
7524qed
7525
7526subsection‹The Theory of Objects›
7527text‹\label{PLM: 9.11}›
7528
7529AOT_theorem "o-objects-exist:1": x O!x
7530proof(rule RN)
7531  AOT_modally_strict {
7532    AOT_obtain a where (E!a & ¬𝒜[E!]a)
7533      using "∃E"[rotated, OF "qml:4"[axiom_inst, THEN "BF◇"[THEN "→E"]]]
7534      by blast
7535    AOT_hence 1: E!a by (metis "KBasic2:3" "&E"(1) "→E")
7536    AOT_have x [E!]x]a
7537    proof (rule "β←C"(1); "cqt:2[lambda]"?)
7538      AOT_show a using "cqt:2[const_var]"[axiom_inst] by blast
7539    next
7540      AOT_show E!a by (fact 1)
7541    qed
7542    AOT_hence O!a by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2"
7543    AOT_thus x [O!]x by (rule "∃I")
7544  }
7545qed
7546
7547AOT_theorem "o-objects-exist:2": x A!x
7548proof (rule RN)
7549  AOT_modally_strict {
7550    AOT_obtain a where [A!]a
7551      using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
7552    AOT_thus x A!x using "∃I" by blast
7553  }
7554qed
7555
7556AOT_theorem "o-objects-exist:3": ¬x O!x
7557  by (rule RN)
7558     (metis (no_types, hide_lams) "∃E" "cqt-orig:1[const_var]"
7559        "≡E"(4) "modus-tollens:1" "o-objects-exist:2" "oa-contingent:2"
7560        "qml:2"[axiom_inst] "reductio-aa:2")
7561
7562AOT_theorem "o-objects-exist:4": ¬x A!x
7563  by (rule RN)
7564     (metis (mono_tags, hide_lams) "∃E" "cqt-orig:1[const_var]"
7565        "≡E"(1) "modus-tollens:1" "o-objects-exist:1" "oa-contingent:2"
7566        "qml:2"[axiom_inst] "→E")
7567
7568AOT_theorem "o-objects-exist:5": ¬x E!x
7569proof (rule RN; rule "raa-cor:2")
7570  AOT_modally_strict {
7571    AOT_assume x E!x
7572    moreover AOT_obtain a where abs: A!a
7573      using "o-objects-exist:2"[THEN "qml:2"[axiom_inst, THEN "→E"]]
7574            "∃E"[rotated] by blast
7575    ultimately AOT_have E!a using "∀E" by blast
7576    AOT_hence 1: E!a by (metis "T◇" "→E")
7577    AOT_have y E!y]a
7578    proof (rule "β←C"(1); "cqt:2[lambda]"?)
7579      AOT_show a using "cqt:2[const_var]"[axiom_inst].
7580    next
7581      AOT_show E!a by (fact 1)
7582    qed
7583    AOT_hence O!a
7584      by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
7585    AOT_hence ¬A!a by (metis "≡E"(1) "oa-contingent:2") 
7586    AOT_thus p & ¬p for p using abs by (metis "raa-cor:3")
7587  }
7588qed
7589
7590AOT_theorem partition: ¬x (O!x & A!x)
7591proof(rule "raa-cor:2")
7592  AOT_assume x (O!x & A!x)
7593  then AOT_obtain a where O!a & A!a
7594    using "∃E"[rotated] by blast
7595  AOT_thus p & ¬p for p
7596    by (metis "&E"(1) "Conjunction Simplification"(2) "≡E"(1)
7597              "modus-tollens:1" "oa-contingent:2" "raa-cor:3")
7598qed
7599
7600AOT_define eq_E :: ‹Π› ("'(=E')")
7601  "=E": (=E) =df xy O!x & O!y & F ([F]x  [F]y)]
7602
7603syntax "_AOT_eq_E_infix" :: ‹τ  τ  φ› (infixl "=E" 50)
7604translations
7605  "_AOT_eq_E_infix κ κ'" == "CONST AOT_exe (CONST eq_E) (CONST Pair κ κ')"
7606print_translation7607AOT_syntax_print_translations
7608[(const_syntax‹AOT_exe›, fn ctxt => fn [
7609  Const ("constAOT_PLM.eq_E", _),
7610  Const (const_syntax‹Pair›, _) $ lhs $ rhs
7611] => Const (syntax_const‹_AOT_eq_E_infix›, dummyT) $ lhs $ rhs)]
7612
7613text‹Note: Not explicitly mentioned as theorem in PLM.›
7614AOT_theorem "=E[denotes]": [(=E)]
7615  by (rule "=dfI"(2)[OF "=E"]) "cqt:2[lambda]"+
7616
7617AOT_theorem "=E-simple:1": x =E y  (O!x & O!y & F ([F]x  [F]y))
7618proof -
7619  AOT_have 1: xy [O!]x & [O!]y & F ([F]x  [F]y)] by "cqt:2"
7620  show ?thesis
7621    apply (rule "=dfI"(2)[OF "=E"]; "cqt:2[lambda]"?)
7622    using "beta-C-meta"[THEN "→E", OF 1, unvarify ν1νn, of "(_,_)",
7623                        OF tuple_denotes[THEN "≡dfI"], OF "&I",
7624                        OF "cqt:2[const_var]"[axiom_inst],
7625                        OF "cqt:2[const_var]"[axiom_inst]]
7626    by fast
7627qed
7628
7629AOT_theorem "=E-simple:2": x =E y  x = y
7630proof (rule "→I")
7631  AOT_assume x =E y
7632  AOT_hence O!x & O!y & F ([F]x  [F]y)
7633    using "=E-simple:1"[THEN "≡E"(1)] by blast
7634  AOT_thus x = y
7635    using "≡dfI"[OF "identity:1"] "∨I" by blast
7636qed
7637
7638AOT_theorem "id-nec3:1": x =E y  (x =E y)
7639proof (rule "≡I"; rule "→I")
7640  AOT_assume x =E y
7641  AOT_hence O!x & O!y & F ([F]x  [F]y)
7642    using "=E-simple:1" "≡E" by blast
7643  AOT_hence O!x & O!y & F ([F]x  [F]y)
7644    by (metis "S5Basic:6" "&I" "&E"(1) "&E"(2) "≡E"(4)
7645              "oa-facts:1" "raa-cor:3" "vdash-properties:10")
7646  AOT_hence (O!x & O!y & F ([F]x  [F]y))
7647    by (metis "&E"(1) "&E"(2) "≡E"(2) "KBasic:3" "&I")
7648  AOT_thus (x =E y)
7649    using "=E-simple:1"
7650    by (AOT_subst x =E y O!x & O!y & F ([F]x  [F]y)) auto
7651next
7652  AOT_assume (x =E y)
7653  AOT_thus x =E y using "qml:2"[axiom_inst, THEN "→E"] by blast
7654qed
7655
7656AOT_theorem "id-nec3:2": (x =E y)  x =E y
7657  by (meson "RE◇" "S5Basic:2" "id-nec3:1" "≡E"(1,5) "Commutativity of ≡")
7658
7659AOT_theorem "id-nec3:3": (x =E y)  (x =E y)
7660  by (meson "id-nec3:1" "id-nec3:2" "≡E"(5))
7661
7662syntax "_AOT_non_eq_E" :: ‹Π› ("'(≠E')")
7663translations
7664  (Π) "(≠E)" == (Π) "(=E)-"
7665syntax "_AOT_non_eq_E_infix" :: ‹τ  τ  φ› (infixl "E" 50)
7666translations
7667 "_AOT_non_eq_E_infix κ κ'" ==
7668 "CONST AOT_exe (CONST relation_negation (CONST eq_E)) (CONST Pair κ κ')"
7669print_translation7670AOT_syntax_print_translations
7671[(const_syntax‹AOT_exe›, fn ctxt => fn [
7672  Const (const_syntax‹relation_negation›, _) $ Const ("constAOT_PLM.eq_E", _),
7673  Const (const_syntax‹Pair›, _) $ lhs $ rhs
7674] => Const (syntax_const‹_AOT_non_eq_E_infix›, dummyT) $ lhs $ rhs)]
7675AOT_theorem "thm-neg=E": x E y  ¬(x =E y)
7676proof -
7677  AOT_have θ: x1...x2 ¬(=E)x1...x2] by "cqt:2"
7678  AOT_have x E y  x1...x2 ¬(=E)x1...x2]xy
7679    by (rule "=dfI"(1)[OF "df-relation-negation", OF θ])
7680       (meson "oth-class-taut:3:a")
7681  also AOT_have   ¬(=E)xy
7682    by (safe intro!: "beta-C-meta"[THEN "→E", unvarify ν1νn] "cqt:2"
7683                     tuple_denotes[THEN "≡dfI"] "&I")
7684  finally show ?thesis.
7685qed
7686
7687AOT_theorem "id-nec4:1": x E y  (x E y)
7688proof -
7689  AOT_have x E y  ¬(x =E y) using "thm-neg=E".
7690  also AOT_have   ¬(x =E y)
7691    by (meson "id-nec3:2" "≡E"(1) "Commutativity of ≡" "oth-class-taut:4:b")
7692  also AOT_have   ¬(x =E y)
7693    by (meson "KBasic2:1" "≡E"(2) "Commutativity of ≡")
7694  also AOT_have   (x E y)
7695    by (AOT_subst (reverse) ¬(x =E y) x E y)
7696       (auto simp: "thm-neg=E" "oth-class-taut:3:a")
7697  finally show ?thesis.
7698qed
7699
7700AOT_theorem "id-nec4:2": (x E y)  (x E y)
7701  by (meson "RE◇" "S5Basic:2" "id-nec4:1" "≡E"(2,5) "Commutativity of ≡")
7702
7703AOT_theorem "id-nec4:3": (x E y)  (x E y)
7704  by (meson "id-nec4:1" "id-nec4:2" "≡E"(5))
7705
7706AOT_theorem "id-act2:1": x =E y  𝒜x =E y
7707  by (meson "Act-Basic:5" "Act-Sub:2" "RA[2]" "id-nec3:2" "≡E"(1,6))
7708AOT_theorem "id-act2:2": x E y  𝒜x E y
7709  by (meson "Act-Basic:5" "Act-Sub:2" "RA[2]" "id-nec4:2" "≡E"(1,6))
7710
7711AOT_theorem "ord=Eequiv:1": O!x  x =E x
7712proof (rule "→I")
7713  AOT_assume 1: O!x
7714  AOT_show x =E x
7715    apply (rule "=dfI"(2)[OF "=E"]) apply "cqt:2[lambda]"
7716    apply (rule "β←C"(1))
7717      apply "cqt:2[lambda]"
7718     apply (simp add: "&I" "cqt:2[const_var]"[axiom_inst] prod_denotesI)
7719    by (simp add: "1" RN "&I" "oth-class-taut:3:a" "universal-cor")
7720qed
7721
7722AOT_theorem "ord=Eequiv:2": x =E y  y =E x
7723proof(rule CP)
7724  AOT_assume 1: x =E y
7725  AOT_hence 2: x = y by (metis "=E-simple:2" "vdash-properties:10") 
7726  AOT_have O!x using 1 by (meson "&E"(1) "=E-simple:1" "≡E"(1))
7727  AOT_hence x =E x using "ord=Eequiv:1" "→E" by blast
7728  AOT_thus y =E x using "rule=E"[rotated, OF 2] by fast
7729qed
7730
7731AOT_theorem "ord=Eequiv:3": (x =E y & y =E z)  x =E z
7732proof (rule CP)
7733  AOT_assume 1: x =E y & y =E z
7734  AOT_hence x = y & y = z
7735    by (metis "&I" "&E"(1) "&E"(2) "=E-simple:2" "vdash-properties:6")
7736  AOT_hence x = z by (metis "id-eq:3" "vdash-properties:6")
7737  moreover AOT_have x =E x
7738    using 1[THEN "&E"(1)] "&E"(1) "=E-simple:1" "≡E"(1)
7739          "ord=Eequiv:1" "→E" by blast
7740  ultimately AOT_show x =E z
7741    using "rule=E" by fast
7742qed
7743
7744AOT_theorem "ord-=E=:1": (O!x  O!y)  (x = y  x =E y)
7745proof(rule CP)
7746  AOT_assume O!x  O!y
7747  moreover {
7748    AOT_assume O!x
7749    AOT_hence O!x by (metis "oa-facts:1" "vdash-properties:10")
7750    moreover {
7751      AOT_modally_strict {
7752        AOT_have O!x  (x = y  x =E y)
7753        proof (rule "→I"; rule "≡I"; rule "→I")
7754          AOT_assume O!x
7755          AOT_hence x =E x by (metis "ord=Eequiv:1" "→E")
7756          moreover AOT_assume x = y
7757          ultimately AOT_show x =E y using "rule=E" by fast
7758        next
7759          AOT_assume x =E y
7760          AOT_thus x = y by (metis "=E-simple:2" "→E")
7761        qed
7762      }
7763      AOT_hence O!x  (x = y  x =E y) by (metis "RM:1")
7764    }
7765    ultimately AOT_have (x = y  x =E y) using "→E" by blast
7766  }
7767  moreover {
7768    AOT_assume O!y
7769    AOT_hence O!y by (metis "oa-facts:1" "vdash-properties:10")
7770    moreover {
7771      AOT_modally_strict {
7772        AOT_have O!y  (x = y  x =E y)
7773        proof (rule "→I"; rule "≡I"; rule "→I")
7774          AOT_assume O!y
7775          AOT_hence y =E y by (metis "ord=Eequiv:1" "→E")
7776          moreover AOT_assume x = y
7777          ultimately AOT_show x =E y using "rule=E" id_sym by fast
7778        next
7779          AOT_assume x =E y
7780          AOT_thus x = y by (metis "=E-simple:2" "→E")
7781        qed
7782      }
7783      AOT_hence O!y  (x = y  x =E y) by (metis "RM:1")
7784    }
7785    ultimately AOT_have (x = y  x =E y) using "→E" by blast
7786  }
7787  ultimately AOT_show (x = y  x =E y) by (metis "∨E"(3) "raa-cor:1")
7788qed
7789
7790AOT_theorem "ord-=E=:2": O!y  x x = y]
7791proof (rule "→I"; rule "safe-ext"[axiom_inst, THEN "→E"]; rule "&I")
7792  AOT_show x x =E y] by "cqt:2[lambda]"
7793next
7794  AOT_assume O!y
7795  AOT_hence 1: (x = y  x =E y) for x
7796    using "ord-=E=:1" "→E" "∨I" by blast
7797  AOT_have (x =E y  x = y) for x
7798    by (AOT_subst x =E y  x = y x = y  x =E y)
7799       (auto simp add: "Commutativity of ≡" 1)
7800  AOT_hence x (x =E y  x = y) by (rule GEN)
7801  AOT_thus x (x =E y  x = y) by (rule BF[THEN "→E"])
7802qed
7803
7804
7805AOT_theorem "ord-=E=:3": xy O!x & O!y & x = y]
7806proof (rule "safe-ext[2]"[axiom_inst, THEN "→E"]; rule "&I")
7807  AOT_show xy O!x & O!y & x =E y] by "cqt:2[lambda]"
7808next
7809  AOT_show xy ([O!]x & [O!]y & x =E y  [O!]x & [O!]y & x = y)
7810  proof (rule RN; rule GEN; rule GEN; rule "≡I"; rule "→I")
7811    AOT_modally_strict {
7812      AOT_show [O!]x & [O!]y & x = y if [O!]x & [O!]y & x =E y for x y
7813        by (metis "&I" "&E"(1) "Conjunction Simplification"(2) "=E-simple:2"
7814                  "modus-tollens:1" "raa-cor:1" that)
7815    }
7816  next
7817    AOT_modally_strict {
7818      AOT_show [O!]x & [O!]y & x =E y if [O!]x & [O!]y & x = y for x y
7819        apply(safe intro!: "&I")
7820          apply (metis that[THEN "&E"(1), THEN "&E"(1)])
7821         apply (metis that[THEN "&E"(1), THEN "&E"(2)])
7822        using "rule=E"[rotated, OF that[THEN "&E"(2)]]
7823              "ord=Eequiv:1"[THEN "→E", OF that[THEN "&E"(1), THEN "&E"(1)]]
7824        by fast
7825    }
7826  qed
7827qed
7828
7829AOT_theorem "ind-nec": F ([F]x  [F]y)  F ([F]x  [F]y)
7830proof(rule "→I")
7831  AOT_assume F ([F]x  [F]y)
7832  moreover AOT_have x F ([F]x  [F]y)] by "cqt:2[lambda]"
7833  ultimately AOT_have x F ([F]x  [F]y)]x  x F ([F]x  [F]y)]y
7834    using "∀E" by blast
7835  moreover AOT_have x F ([F]x  [F]y)]y
7836    apply (rule "β←C"(1))
7837      apply "cqt:2[lambda]"
7838     apply (fact "cqt:2[const_var]"[axiom_inst])
7839    by (simp add: RN GEN "oth-class-taut:3:a")
7840  ultimately AOT_have x F ([F]x  [F]y)]x using "≡E" by blast
7841  AOT_thus F ([F]x  [F]y)
7842    using "β→C"(1) by blast
7843qed
7844
7845AOT_theorem "ord=E:1": (O!x & O!y)  (F ([F]x  [F]y)  x =E y)
7846proof (rule "→I"; rule "→I")
7847  AOT_assume F ([F]x  [F]y)
7848  AOT_hence F ([F]x  [F]y)
7849    using "ind-nec"[THEN "→E"] by blast
7850  moreover AOT_assume O!x & O!y
7851  ultimately AOT_have O!x & O!y & F ([F]x  [F]y)
7852    using "&I" by blast
7853  AOT_thus x =E y using "=E-simple:1"[THEN "≡E"(2)] by blast
7854qed
7855
7856AOT_theorem "ord=E:2": (O!x & O!y)  (F ([F]x  [F]y)  x = y)
7857proof (rule "→I"; rule "→I")
7858  AOT_assume O!x & O!y
7859  moreover AOT_assume F ([F]x  [F]y)
7860  ultimately AOT_have x =E y
7861    using "ord=E:1" "→E" by blast
7862  AOT_thus x = y using "=E-simple:2"[THEN "→E"] by blast
7863qed
7864
7865AOT_theorem "ord=E2:1":
7866  (O!x & O!y)  (x  y  z z =E x]  z z =E y])
7867proof (rule "→I"; rule "≡I"; rule "→I";
7868       rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
7869  AOT_assume 0: O!x & O!y
7870  AOT_assume x  y
7871  AOT_hence 1: ¬(x = y) using "≡dfE"[OF "=-infix"] by blast
7872  AOT_assume z z =E x] = z z =E y]
7873  moreover AOT_have z z =E x]x
7874    apply (rule "β←C"(1))
7875      apply "cqt:2[lambda]"
7876     apply (fact "cqt:2[const_var]"[axiom_inst])
7877    using "ord=Eequiv:1"[THEN "→E", OF 0[THEN "&E"(1)]].
7878  ultimately AOT_have z z =E y]x using "rule=E" by fast
7879  AOT_hence x =E y using "β→C"(1) by blast
7880  AOT_hence x = y by (metis "=E-simple:2" "vdash-properties:6")
7881  AOT_thus x = y & ¬(x = y) using 1 "&I" by blast
7882next
7883  AOT_assume z z =E x]  z z =E y]
7884  AOT_hence 0: ¬(z z =E x] = z z =E y])
7885    using "≡dfE"[OF "=-infix"] by blast
7886  AOT_have z z =E x] by "cqt:2[lambda]"
7887  AOT_hence z z =E x] = z z =E x]
7888    by (metis "rule=I:1")
7889  moreover AOT_assume x = y
7890  ultimately AOT_have z z =E x] = z z =E y]
7891    using "rule=E" by fast
7892  AOT_thus z z =E x] = z z =E y] & ¬(z z =E x] = z z =E y])
7893    using 0 "&I" by blast
7894qed
7895
7896AOT_theorem "ord=E2:2":
7897  (O!x & O!y)  (x  y  z z = x]  z z = y])
7898proof (rule "→I"; rule "≡I"; rule "→I";
7899       rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
7900  AOT_assume 0: O!x & O!y
7901  AOT_assume x  y
7902  AOT_hence 1: ¬(x = y) using "≡dfE"[OF "=-infix"] by blast
7903  AOT_assume z z = x] = z z = y]
7904  moreover AOT_have z z = x]x
7905    apply (rule "β←C"(1))
7906    apply (fact "ord-=E=:2"[THEN "→E", OF 0[THEN "&E"(1)]])
7907     apply (fact "cqt:2[const_var]"[axiom_inst])
7908    by (simp add: "id-eq:1")
7909  ultimately AOT_have z z = y]x using "rule=E" by fast
7910  AOT_hence x = y using "β→C"(1) by blast
7911  AOT_thus x = y & ¬(x = y) using 1 "&I" by blast
7912next
7913  AOT_assume 0: O!x & O!y
7914  AOT_assume z z = x]  z z = y]
7915  AOT_hence 1: ¬(z z = x] = z z = y])
7916    using "≡dfE"[OF "=-infix"] by blast
7917  AOT_have z z = x]
7918    by (fact "ord-=E=:2"[THEN "→E", OF 0[THEN "&E"(1)]])
7919  AOT_hence z z = x] = z z = x]
7920    by (metis "rule=I:1")
7921  moreover AOT_assume x = y
7922  ultimately AOT_have z z = x] = z z = y]
7923    using "rule=E" by fast
7924  AOT_thus z z = x] = z z = y] & ¬(z z = x] = z z = y])
7925    using 1 "&I" by blast
7926qed
7927
7928AOT_theorem ordnecfail: O!x  ¬F x[F]
7929  by (meson "RM:1" "→I" nocoder[axiom_inst] "oa-facts:1" "→E")
7930
7931AOT_theorem "ab-obey:1": (A!x & A!y)  (F (x[F]  y[F])  x = y)
7932proof (rule "→I"; rule "→I")
7933  AOT_assume 1: A!x & A!y
7934  AOT_assume F (x[F]  y[F])
7935  AOT_hence x[F]  y[F] for F using "∀E" by blast
7936  AOT_hence (x[F]  y[F]) for F by (metis "en-eq:6[1]" "≡E"(1))
7937  AOT_hence F (x[F]  y[F]) by (rule GEN)
7938  AOT_hence F (x[F]  y[F]) by (rule BF[THEN "→E"])
7939  AOT_thus x = y
7940    using "≡dfI"[OF "identity:1", OF "∨I"(2)] 1 "&I" by blast
7941qed
7942
7943AOT_theorem "ab-obey:2":
7944  (F (x[F] & ¬y[F])  F (y[F] & ¬x[F]))  x  y
7945proof (rule "→I"; rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
7946  AOT_assume 1: x = y
7947  AOT_assume F (x[F] & ¬y[F])  F (y[F] & ¬x[F])
7948  moreover {
7949    AOT_assume F (x[F] & ¬y[F])
7950    then AOT_obtain F where x[F] & ¬y[F]
7951      using "∃E"[rotated] by blast
7952    moreover AOT_have y[F]
7953      using calculation[THEN "&E"(1)] 1 "rule=E" by fast
7954    ultimately AOT_have p & ¬p for p
7955      by (metis "Conjunction Simplification"(2) "modus-tollens:2" "raa-cor:3")
7956  }
7957  moreover {
7958    AOT_assume F (y[F] & ¬x[F])
7959    then AOT_obtain F where y[F] & ¬x[F]
7960      using "∃E"[rotated] by blast
7961    moreover AOT_have ¬y[F]
7962      using calculation[THEN "&E"(2)] 1 "rule=E" by fast
7963    ultimately AOT_have p & ¬p for p
7964      by (metis "Conjunction Simplification"(1) "modus-tollens:1" "raa-cor:3")
7965  }
7966  ultimately AOT_show p & ¬p for p
7967    by (metis "∨E"(3) "raa-cor:1")
7968qed
7969
7970AOT_theorem "encoders-are-abstract": F x[F]  A!x
7971  by (meson "deduction-theorem" "≡E"(2) "modus-tollens:2" nocoder
7972            "oa-contingent:3" "vdash-properties:1[2]")
7973
7974AOT_theorem "denote=:1": Hx x[H]
7975  by (rule GEN; rule "existence:2[1]"[THEN "≡dfE"]; "cqt:2")
7976
7977AOT_theorem "denote=:2": Gx1...∃xn x1...xn[H]
7978  by (rule GEN; rule "existence:2"[THEN "≡dfE"]; "cqt:2")
7979
7980AOT_theorem "denote=:2[2]": Gx1x2 x1x2[H]
7981  by (rule GEN; rule "existence:2[2]"[THEN "≡dfE"]; "cqt:2")
7982
7983AOT_theorem "denote=:2[3]": Gx1x2x3 x1x2x3[H]
7984  by (rule GEN; rule "existence:2[3]"[THEN "≡dfE"]; "cqt:2")
7985
7986AOT_theorem "denote=:2[4]": Gx1x2x3x4 x1x2x3x4[H]
7987  by (rule GEN; rule "existence:2[4]"[THEN "≡dfE"]; "cqt:2")
7988
7989AOT_theorem "denote=:3": x x[Π]  H (H = Π)
7990  using "existence:2[1]" "free-thms:1" "≡E"(2,5)
7991        "Commutativity of ≡" "≡Df" by blast
7992
7993AOT_theorem "denote=:4": (x1...∃xn x1...xn[Π])  H (H = Π)
7994  using "existence:2" "free-thms:1" "≡E"(6) "≡Df" by blast
7995
7996AOT_theorem "denote=:4[2]": (x1x2 x1x2[Π])  H (H = Π)
7997  using "existence:2[2]" "free-thms:1" "≡E"(6) "≡Df" by blast
7998
7999AOT_theorem "denote=:4[3]": (x1x2x3 x1x2x3[Π])  H (H = Π)
8000  using "existence:2[3]" "free-thms:1" "≡E"(6) "≡Df" by blast
8001
8002AOT_theorem "denote=:4[4]": (x1x2x3x4 x1x2x3x4[Π])  H (H = Π)
8003  using "existence:2[4]" "free-thms:1" "≡E"(6) "≡Df" by blast
8004
8005AOT_theorem "A-objects!": ∃!x (A!x & F (x[F]  φ{F}))
8006proof (rule "uniqueness:1"[THEN "≡dfI"])
8007  AOT_obtain a where a_prop: A!a & F (a[F]  φ{F})
8008    using "A-objects"[axiom_inst] "∃E"[rotated] by blast
8009  AOT_have (A!β & F (β[F]  φ{F}))  β = a for β
8010  proof (rule "→I")
8011    AOT_assume β_prop: [A!]β & F (β[F]  φ{F})
8012    AOT_hence β[F]  φ{F} for F
8013      using "∀E" "&E" by blast
8014    AOT_hence β[F]  a[F] for F
8015      using a_prop[THEN "&E"(2)] "∀E" "≡E"(2,5)
8016            "Commutativity of ≡" by fast
8017    AOT_hence F (β[F]  a[F]) by (rule GEN)
8018    AOT_thus β = a
8019      using "ab-obey:1"[THEN "→E",
8020                OF "&I"[OF β_prop[THEN "&E"(1)], OF a_prop[THEN "&E"(1)]],
8021                THEN "→E"] by blast
8022  qed
8023  AOT_hence β ((A!β & F (β[F]  φ{F}))  β = a) by (rule GEN)
8024  AOT_thus α ([A!]α & F (α[F]  φ{F}) &
8025                β ([A!]β & F (β[F]  φ{F})  β = α))
8026    using "∃I" using a_prop "&I" by fast
8027qed
8028
8029AOT_theorem "obj-oth:1": ∃!x (A!x & F (x[F]  [F]y))
8030  using "A-objects!" by fast
8031
8032AOT_theorem "obj-oth:2": ∃!x (A!x & F (x[F]  [F]y & [F]z))
8033  using "A-objects!" by fast
8034
8035AOT_theorem "obj-oth:3": ∃!x (A!x & F (x[F]  [F]y  [F]z))
8036  using "A-objects!" by fast
8037
8038AOT_theorem "obj-oth:4": ∃!x (A!x & F (x[F]  [F]y))
8039  using "A-objects!" by fast
8040
8041AOT_theorem "obj-oth:5": ∃!x (A!x & F (x[F]  F = G))
8042  using "A-objects!" by fast
8043
8044AOT_theorem "obj-oth:6": ∃!x (A!x & F (x[F]  y([G]y  [F]y)))
8045  using "A-objects!" by fast
8046
8047AOT_theorem "A-descriptions": ιx (A!x & F (x[F]  φ{F}))
8048  by (rule "A-Exists:2"[THEN "≡E"(2)]; rule "RA[2]"; rule "A-objects!")
8049
8050AOT_act_theorem "thm-can-terms2":
8051  y = ιx(A!x & F (x[F]  φ{F}))  (A!y & F (y[F]  φ{F}))
8052  using "y-in:2" by blast
8053
8054AOT_theorem "can-ab2": y = ιx(A!x & F (x[F]  φ{F}))   A!y
8055proof(rule "→I")
8056  AOT_assume y = ιx(A!x & F (x[F]  φ{F}))
8057  AOT_hence 𝒜(A!y & F (y[F]  φ{F}))
8058    using "actual-desc:2"[THEN "→E"] by blast
8059  AOT_hence 𝒜A!y by (metis "Act-Basic:2" "&E"(1) "≡E"(1))
8060  AOT_thus A!y by (metis "≡E"(2) "oa-facts:8")
8061qed
8062
8063AOT_act_theorem "desc-encode:1": ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
8064proof -
8065  AOT_have ιx(A!x & F (x[F]  φ{F}))
8066    by (simp add: "A-descriptions")
8067  AOT_hence A!ιx(A!x & F (x[F]  φ{F})) &
8068             F(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
8069    using "y-in:3"[THEN "→E"] by blast
8070  AOT_thus ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
8071    using "&E" "∀E" by blast
8072qed
8073
8074AOT_act_theorem "desc-encode:2": ιx(A!x & F (x[F]  φ{F}))[G]  φ{G}
8075  using "desc-encode:1".
8076
8077AOT_theorem "desc-nec-encode:1":
8078  ιx (A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
8079proof -
8080  AOT_have 0: ιx(A!x & F (x[F]  φ{F}))
8081    by (simp add: "A-descriptions")
8082  AOT_hence 𝒜(A!ιx(A!x & F (x[F]  φ{F})) &
8083             F(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}))
8084    using "actual-desc:4"[THEN "→E"] by blast
8085  AOT_hence 𝒜F (ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
8086    using "Act-Basic:2" "&E"(2) "≡E"(1) by blast
8087  AOT_hence F 𝒜(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
8088    using "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]" by blast
8089  AOT_hence 𝒜(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
8090    using "∀E" by blast
8091  AOT_hence 𝒜ιx(A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
8092    using "Act-Basic:5" "≡E"(1) by blast
8093  AOT_thus ιx(A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
8094    using "en-eq:10[1]"[unvarify x1, OF 0] "≡E"(6) by blast
8095qed
8096
8097AOT_theorem "desc-nec-encode:2":
8098  ιx (A!x & F (x[F]  φ{F}))[G]  𝒜φ{G}
8099  using "desc-nec-encode:1".
8100
8101AOT_theorem "Box-desc-encode:1": φ{G}  ιx(A!x & F (x[F]  φ{G}))[G]
8102  by (rule "→I"; rule "desc-nec-encode:2"[THEN "≡E"(2)])
8103     (meson "nec-imp-act" "vdash-properties:10")
8104
8105AOT_theorem "Box-desc-encode:2":
8106φ{G}  (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
8107proof(rule CP)
8108  AOT_assume φ{G}
8109  AOT_hence φ{G} by (metis "S5Basic:6" "≡E"(1))
8110  moreover AOT_have φ{G}  (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
8111  proof (rule RM; rule "→I")
8112    AOT_modally_strict {
8113      AOT_assume 1: φ{G}
8114      AOT_hence ιx(A!x & F (x[F]  φ{G}))[G]
8115        using "Box-desc-encode:1" "→E" by blast
8116      moreover AOT_have φ{G}
8117        using 1 by (meson "qml:2"[axiom_inst] "→E")
8118      ultimately AOT_show ιx(A!x & F (x[F]  φ{G}))[G]  φ{G}
8119        using "→I" "≡I" by simp
8120    }
8121  qed
8122  ultimately AOT_show (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
8123    using "→E" by blast
8124qed
8125
8126definition rigid_condition where
8127  rigid_condition φ  v . [v  α (φ{α}  φ{α})]
8128syntax rigid_condition :: ‹id_position  AOT_prop› ("RIGID'_CONDITION'(_')")
8129
8130AOT_theorem "strict-can:1[E]":
8131  assumes RIGID_CONDITION(φ)
8132  shows α (φ{α}  φ{α})
8133  using assms[unfolded rigid_condition_def] by auto
8134
8135AOT_theorem "strict-can:1[I]":
8136  assumes  α (φ{α}  φ{α})
8137  shows RIGID_CONDITION(φ)
8138  using assms rigid_condition_def by auto
8139
8140AOT_theorem "box-phi-a:1":
8141  assumes RIGID_CONDITION(φ)
8142  shows (A!x  & F (x[F]  φ{F}))  (A!x & F (x[F]  φ{F}))
8143proof (rule "→I")
8144  AOT_assume a: A!x & F (x[F]  φ{F})
8145  AOT_hence b: A!x
8146    by (metis "Conjunction Simplification"(1) "oa-facts:2" "→E")
8147  AOT_have x[F]  φ{F} for F
8148    using a[THEN "&E"(2)] "∀E" by blast
8149  moreover AOT_have (x[F]  x[F]) for F
8150    by (meson "pre-en-eq:1[1]" RN)
8151  moreover AOT_have (φ{F}  φ{F}) for F
8152    using RN "strict-can:1[E]"[OF assms] "∀E" by blast
8153  ultimately AOT_have (x[F]  φ{F}) for F
8154    using "sc-eq-box-box:5" "qml:2"[axiom_inst, THEN "→E"] "→E" "&I" by metis
8155  AOT_hence F (x[F]  φ{F}) by (rule GEN)
8156  AOT_hence F (x[F]  φ{F}) by (rule BF[THEN "→E"])
8157  AOT_thus ([A!]x & F (x[F]  φ{F}))
8158    using b "KBasic:3" "≡S"(1) "≡E"(2) by blast
8159qed
8160
8161AOT_theorem "box-phi-a:2":
8162  assumes RIGID_CONDITION(φ)
8163  shows y = ιx(A!x & F (x[F]  φ{F}))  (A!y & F (y[F]  φ{F}))
8164proof(rule "→I")
8165  AOT_assume y = ιx(A!x & F (x[F]  φ{F}))
8166  AOT_hence 𝒜(A!y & F (y[F]  φ{F}))
8167    using "actual-desc:2"[THEN "→E"] by fast
8168  AOT_hence abs: 𝒜A!y and 𝒜F (y[F]  φ{F})
8169    using "Act-Basic:2" "&E" "≡E"(1) by blast+
8170  AOT_hence F 𝒜(y[F]  φ{F})
8171    by (metis "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]")
8172  AOT_hence 𝒜(y[F]  φ{F}) for F
8173    using "∀E" by blast
8174  AOT_hence 𝒜y[F]  𝒜φ{F} for F
8175    by (metis "Act-Basic:5" "≡E"(1)) 
8176  AOT_hence y[F]  φ{F} for F
8177    using "sc-eq-fur:2"[THEN "→E",
8178            OF "strict-can:1[E]"[OF assms,
8179                THEN "∀E"(2)[where β=F], THEN RN]]
8180    by (metis "en-eq:10[1]" "≡E"(6))
8181  AOT_hence F (y[F]  φ{F}) by (rule GEN)
8182  AOT_thus [A!]y & F (y[F]  φ{F})
8183    using abs "&I" "≡E"(2) "oa-facts:8" by blast
8184qed
8185
8186AOT_theorem "box-phi-a:3":
8187  assumes RIGID_CONDITION(φ)
8188  shows ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
8189  using "desc-nec-encode:2"
8190    "sc-eq-fur:2"[THEN "→E",
8191        OF "strict-can:1[E]"[OF assms,
8192          THEN "∀E"(2)[where β=F], THEN RN]]
8193    "≡E"(5) by blast
8194
8195AOT_define Null :: ‹τ  φ› ("Null'(_')") 
8196  "df-null-uni:1": Null(x) df A!x & ¬F x[F]
8197
8198AOT_define Universal :: ‹τ  φ› ("Universal'(_')")
8199  "df-null-uni:2": Universal(x) df A!x & F x[F]
8200
8201AOT_theorem "null-uni-uniq:1": ∃!x Null(x)
8202proof (rule "uniqueness:1"[THEN "≡dfI"])
8203  AOT_obtain a where a_prop: A!a & F (a[F]  ¬(F = F))
8204    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8205  AOT_have a_null: ¬a[F] for F
8206  proof (rule "raa-cor:2")
8207    AOT_assume a[F]
8208    AOT_hence ¬(F = F) using a_prop[THEN "&E"(2)] "∀E" "≡E" by blast
8209    AOT_hence F = F & ¬(F = F) by (metis "id-eq:1" "raa-cor:3")
8210    AOT_thus p & ¬p for p  by (metis "raa-cor:1")
8211  qed
8212  AOT_have Null(a) & β (Null(β)  β = a)
8213  proof (rule "&I")
8214    AOT_have ¬F a[F]
8215      using a_null by (metis "instantiation" "reductio-aa:1")
8216    AOT_thus Null(a)
8217      using "df-null-uni:1"[THEN "≡dfI"] a_prop[THEN "&E"(1)] "&I" by metis
8218  next
8219    AOT_show β (Null(β)  β = a)
8220    proof (rule GEN; rule "→I")
8221      fix β
8222      AOT_assume a: Null(β)
8223      AOT_hence ¬F β[F]
8224        using "df-null-uni:1"[THEN "≡dfE"] "&E" by blast
8225      AOT_hence β_null: ¬β[F] for F
8226        by (metis "existential:2[const_var]" "reductio-aa:1")
8227      AOT_have F (β[F]  a[F])
8228        apply (rule GEN; rule "≡I"; rule CP)
8229        using "raa-cor:3" β_null a_null by blast+
8230      moreover AOT_have A!β
8231        using a "df-null-uni:1"[THEN "≡dfE"] "&E" by blast
8232      ultimately AOT_show β = a
8233        using a_prop[THEN "&E"(1)] "ab-obey:1"[THEN "→E", THEN "→E"]
8234              "&I" by blast
8235    qed
8236  qed
8237  AOT_thus α (Null(α) & β (Null(β)  β = α))
8238    using "∃I"(2) by fast
8239qed
8240
8241AOT_theorem "null-uni-uniq:2": ∃!x Universal(x)
8242proof (rule "uniqueness:1"[THEN "≡dfI"])
8243  AOT_obtain a where a_prop: A!a & F (a[F]  F = F)
8244    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8245  AOT_hence aF: a[F] for F using "&E" "∀E" "≡E" "id-eq:1" by fast
8246  AOT_hence Universal(a)
8247    using "df-null-uni:2"[THEN "≡dfI"] "&I" a_prop[THEN "&E"(1)] GEN by blast
8248  moreover AOT_have β (Universal(β)  β = a)
8249  proof (rule GEN; rule "→I")
8250    fix β
8251    AOT_assume Universal(β)
8252    AOT_hence abs_β: A!β and β[F] for F
8253      using "df-null-uni:2"[THEN "≡dfE"] "&E" "∀E" by blast+
8254    AOT_hence β[F]  a[F] for F
8255      using aF by (metis "deduction-theorem" "≡I")
8256    AOT_hence F (β[F]  a[F]) by (rule GEN)
8257    AOT_thus β = a
8258      using a_prop[THEN "&E"(1)] "ab-obey:1"[THEN "→E", THEN "→E"]
8259            "&I" abs_β by blast
8260  qed
8261  ultimately AOT_show α (Universal(α) & β (Universal(β)  β = α))
8262    using "&I" "∃I" by fast
8263qed
8264
8265AOT_theorem "null-uni-uniq:3": ιx Null(x)
8266  using "A-Exists:2" "RA[2]" "≡E"(2) "null-uni-uniq:1" by blast
8267
8268AOT_theorem "null-uni-uniq:4": ιx Universal(x)
8269  using "A-Exists:2" "RA[2]" "≡E"(2) "null-uni-uniq:2" by blast
8270
8271AOT_define Null_object :: ‹κs (a)
8272  "df-null-uni-terms:1": a =df ιx Null(x)
8273
8274AOT_define Universal_object :: ‹κs (aV)
8275  "df-null-uni-terms:2": aV =df ιx Universal(x)
8276
8277AOT_theorem "null-uni-facts:1": Null(x)  Null(x)
8278proof (rule "→I")
8279  AOT_assume Null(x)
8280  AOT_hence x_abs: A!x and x_null: ¬F x[F]
8281    using "df-null-uni:1"[THEN "≡dfE"] "&E" by blast+
8282  AOT_have ¬x[F] for F using x_null
8283    using "existential:2[const_var]" "reductio-aa:1"
8284    by metis
8285  AOT_hence ¬x[F] for F by (metis "en-eq:7[1]" "≡E"(1))
8286  AOT_hence F ¬x[F] by (rule GEN)
8287  AOT_hence F ¬x[F] by (rule BF[THEN "→E"])
8288  moreover AOT_have F ¬x[F]  ¬F x[F]
8289    apply (rule RM)
8290    by (metis (full_types) "instantiation" "cqt:2[const_var]"[axiom_inst]
8291                           "→I" "reductio-aa:1" "rule-ui:1")
8292  ultimately AOT_have ¬F x[F]
8293    by (metis "→E")
8294  moreover AOT_have A!x using x_abs
8295    using "oa-facts:2" "vdash-properties:10" by blast
8296  ultimately AOT_have r: (A!x & ¬F x[F])
8297    by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
8298  AOT_show Null(x)
8299    by (AOT_subst Null(x) A!x & ¬F x[F])
8300       (auto simp: "df-null-uni:1" "≡Df" r)
8301qed  
8302
8303AOT_theorem "null-uni-facts:2": Universal(x)  Universal(x)
8304proof (rule "→I")
8305  AOT_assume Universal(x)
8306  AOT_hence x_abs: A!x and x_univ: F x[F]
8307    using "df-null-uni:2"[THEN "≡dfE"] "&E" by blast+
8308  AOT_have x[F] for F using x_univ "∀E" by blast
8309  AOT_hence x[F] for F by (metis "en-eq:2[1]" "≡E"(1))
8310  AOT_hence F x[F] by (rule GEN)
8311  AOT_hence F x[F] by (rule BF[THEN "→E"])
8312  moreover AOT_have A!x using x_abs
8313    using "oa-facts:2" "vdash-properties:10" by blast
8314  ultimately AOT_have r: (A!x & F x[F])
8315    by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
8316  AOT_show Universal(x)
8317    by (AOT_subst Universal(x) A!x & F x[F])
8318       (auto simp add: "df-null-uni:2" "≡Df" r)
8319qed
8320
8321AOT_theorem "null-uni-facts:3": Null(a)
8322  apply (rule "=dfI"(2)[OF "df-null-uni-terms:1"])
8323   apply (simp add: "null-uni-uniq:3")
8324  using "actual-desc:4"[THEN "→E", OF "null-uni-uniq:3"]
8325    "sc-eq-fur:2"[THEN "→E",
8326        OF "null-uni-facts:1"[unvarify x, THEN RN, OF "null-uni-uniq:3"],
8327        THEN "≡E"(1)]
8328  by blast
8329
8330AOT_theorem "null-uni-facts:4": Universal(aV)
8331  apply (rule "=dfI"(2)[OF "df-null-uni-terms:2"])
8332   apply (simp add: "null-uni-uniq:4")
8333  using "actual-desc:4"[THEN "→E", OF "null-uni-uniq:4"]
8334    "sc-eq-fur:2"[THEN "→E",
8335        OF "null-uni-facts:2"[unvarify x, THEN RN, OF "null-uni-uniq:4"],
8336        THEN "≡E"(1)]
8337  by blast
8338
8339AOT_theorem "null-uni-facts:5": a  aV
8340proof (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"];
8341    rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"];
8342    rule "≡dfI"[OF "=-infix"];
8343    rule "raa-cor:2")
8344  AOT_obtain x where nullx: Null(x)
8345    by (metis "instantiation" "df-null-uni-terms:1" "existential:1"
8346              "null-uni-facts:3" "null-uni-uniq:3" "rule-id-df:2:b[zero]")
8347  AOT_hence act_null: 𝒜Null(x)
8348    by (metis "nec-imp-act" "null-uni-facts:1" "→E")
8349  AOT_assume ιx Null(x) = ιx Universal(x)
8350  AOT_hence 𝒜x(Null(x)  Universal(x))
8351    using "actual-desc:5"[THEN "→E"] by blast
8352  AOT_hence x 𝒜(Null(x)  Universal(x))
8353    by (metis "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]")
8354  AOT_hence 𝒜Null(x)  𝒜Universal(x)
8355    using "Act-Basic:5" "≡E"(1) "rule-ui:3" by blast
8356  AOT_hence 𝒜Universal(x) using act_null "≡E" by blast
8357  AOT_hence Universal(x)
8358    by (metis RN "≡E"(1) "null-uni-facts:2" "sc-eq-fur:2" "→E")
8359  AOT_hence F x[F] using "≡dfE"[OF "df-null-uni:2"] "&E" by metis
8360  moreover AOT_have ¬F x[F]
8361    using nullx "≡dfE"[OF "df-null-uni:1"] "&E" by metis
8362  ultimately AOT_show p & ¬p for p
8363    by (metis "cqt-further:1" "raa-cor:3" "→E")
8364qed
8365
8366AOT_theorem "null-uni-facts:6": a = ιx(A!x & F (x[F]  F  F))
8367proof (rule "ab-obey:1"[unvarify x y, THEN "→E", THEN "→E"])
8368  AOT_show ιx([A!]x & F (x[F]  F  F))
8369    by (simp add: "A-descriptions")
8370next
8371  AOT_show a
8372    by (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"])
8373       (simp add: "null-uni-uniq:3")
8374next
8375  AOT_have ιx([A!]x & F (x[F]  F  F))
8376    by (simp add: "A-descriptions")
8377  AOT_hence 1: ιx([A!]x & F (x[F]  F  F)) = ιx([A!]x & F (x[F]  F  F))
8378    using "rule=I:1" by blast
8379  AOT_show [A!]a & [A!]ιx([A!]x & F (x[F]  F  F))
8380    apply (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"];
8381           rule "&I")
8382     apply (meson "≡dfE" "Conjunction Simplification"(1)
8383                  "df-null-uni:1" "df-null-uni-terms:1" "null-uni-facts:3"
8384                  "null-uni-uniq:3" "rule-id-df:2:a[zero]" "→E")
8385    using "can-ab2"[unvarify y, OF "A-descriptions", THEN "→E", OF 1].
8386next
8387  AOT_show F (a[F]  ιx([A!]x & F (x[F]  F  F))[F])
8388  proof (rule GEN)
8389    fix F
8390    AOT_have ¬a[F]
8391      by (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"])
8392         (metis (no_types, lifting) "≡dfE" "&E"(2) "∨I"(2) "∨E"(3) "∃I"(2)
8393                "df-null-uni:1" "df-null-uni-terms:1" "null-uni-facts:3"
8394                "raa-cor:2" "rule-id-df:2:a[zero]"
8395                "russell-axiom[enc,1].ψ_denotes_asm")
8396    moreover AOT_have ¬ιx([A!]x & F (x[F]  F  F))[F]
8397    proof(rule "raa-cor:2")
8398      AOT_assume 0: ιx([A!]x & F (x[F]  F  F))[F]
8399      AOT_hence 𝒜(F  F)
8400        using "desc-nec-encode:2"[THEN "≡E"(1), OF 0] by blast
8401      moreover AOT_have ¬𝒜(F  F)
8402        using "≡dfE" "id-act:2" "id-eq:1" "≡E"(2)
8403              "=-infix" "raa-cor:3" by blast
8404      ultimately AOT_show 𝒜(F  F) & ¬𝒜(F  F) by (rule "&I")
8405    qed
8406    ultimately AOT_show a[F]  ιx([A!]x & F (x[F]  F  F))[F]
8407      using "deduction-theorem" "≡I" "raa-cor:4" by blast
8408  qed
8409qed
8410
8411AOT_theorem "null-uni-facts:7": aV = ιx(A!x & F (x[F]  F = F))
8412proof (rule "ab-obey:1"[unvarify x y, THEN "→E", THEN "→E"])
8413  AOT_show ιx([A!]x & F (x[F]  F = F))
8414    by (simp add: "A-descriptions")
8415next
8416  AOT_show aV
8417    by (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"])
8418       (simp add: "null-uni-uniq:4")
8419next
8420  AOT_have ιx([A!]x & F (x[F]  F = F))
8421    by (simp add: "A-descriptions")
8422  AOT_hence 1: ιx([A!]x & F (x[F]  F = F)) = ιx([A!]x & F (x[F]  F = F))
8423    using "rule=I:1" by blast
8424  AOT_show [A!]aV & [A!]ιx([A!]x & F (x[F]  F = F))
8425    apply (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"];
8426           rule "&I")
8427     apply (meson "≡dfE" "Conjunction Simplification"(1) "df-null-uni:2"
8428                  "df-null-uni-terms:2" "null-uni-facts:4" "null-uni-uniq:4"
8429                  "rule-id-df:2:a[zero]" "→E")
8430    using "can-ab2"[unvarify y, OF "A-descriptions", THEN "→E", OF 1].
8431next
8432  AOT_show F (aV[F]  ιx([A!]x & F (x[F]  F = F))[F])
8433  proof (rule GEN)
8434    fix F
8435    AOT_have aV[F]
8436      apply (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"])
8437      using "≡dfE" "&E"(2) "df-null-uni:2" "df-null-uni-terms:2"
8438            "null-uni-facts:4" "null-uni-uniq:4" "rule-id-df:2:a[zero]"
8439            "rule-ui:3" by blast
8440    moreover AOT_have ιx([A!]x & F (x[F]  F = F))[F]
8441      using "RA[2]" "desc-nec-encode:2" "id-eq:1" "≡E"(2) by fastforce
8442    ultimately AOT_show aV[F]  ιx([A!]x & F (x[F]  F = F))[F]
8443      using "deduction-theorem" "≡I" by simp
8444  qed
8445qed
8446
8447AOT_theorem "aclassical:1":
8448Rxy(A!x & A!y & x  y & z [R]zx] = z [R]zy])
8449proof(rule GEN)
8450  fix R
8451  AOT_obtain a where a_prop:
8452    A!a & F (a[F]  y(A!y & F = z [R]zy] & ¬y[F]))
8453    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8454  AOT_have a_enc: az [R]za]
8455  proof (rule "raa-cor:1")
8456    AOT_assume 0: ¬az [R]za]
8457    AOT_hence ¬y(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
8458      by (rule a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ="«z [R]za]»"],
8459                THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
8460                THEN "≡E"(1), rotated])
8461         "cqt:2[lambda]"
8462    AOT_hence y ¬(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
8463      using "cqt-further:4" "vdash-properties:10" by blast
8464    AOT_hence ¬(A!a & z [R]za] = z [R]za] & ¬az [R]za])
8465      using "∀E" by blast
8466    AOT_hence (A!a & z [R]za] = z [R]za])  az [R]za]
8467      by (metis "&I" "deduction-theorem" "raa-cor:3")
8468    moreover AOT_have z [R]za] = z [R]za]
8469      by (rule "=I") "cqt:2[lambda]"
8470    ultimately AOT_have az [R]za]
8471      using a_prop[THEN "&E"(1)] "→E" "&I" by blast
8472    AOT_thus az [R]za] & ¬az [R]za]
8473      using 0 "&I" by blast
8474  qed
8475  AOT_hence y(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
8476    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(1), rotated])
8477       "cqt:2"
8478  then AOT_obtain b where b_prop:
8479    A!b & z [R]za] = z [R]zb] & ¬bz [R]za]
8480    using "∃E"[rotated] by blast
8481  AOT_have a  b
8482    apply (rule "≡dfI"[OF "=-infix"])
8483    using a_enc b_prop[THEN "&E"(2)]
8484    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a"
8485          "raa-cor:3" "reductio-aa:1" by fast
8486  AOT_hence A!a & A!b & a  b & z [R]za] = z [R]zb]
8487    using b_prop "&E" a_prop "&I" by meson
8488  AOT_hence y (A!a & A!y & a  y & z [R]za] = z [R]zy]) by (rule "∃I")
8489  AOT_thus xy (A!x & A!y & x  y & z [R]zx] = z [R]zy]) by (rule "∃I")
8490qed
8491
8492AOT_theorem "aclassical:2":
8493  Rxy(A!x & A!y & x  y & z [R]xz] = z [R]yz])
8494proof(rule GEN)
8495  fix R
8496  AOT_obtain a where a_prop:
8497    A!a & F (a[F]  y(A!y & F = z [R]yz] & ¬y[F]))
8498    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8499  AOT_have a_enc: az [R]az]
8500  proof (rule "raa-cor:1")
8501    AOT_assume 0: ¬az [R]az]
8502    AOT_hence ¬y(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
8503      by (rule a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ="«z [R]az]»"],
8504                THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
8505                THEN "≡E"(1), rotated])
8506         "cqt:2[lambda]"
8507    AOT_hence y ¬(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
8508      using "cqt-further:4" "vdash-properties:10" by blast
8509    AOT_hence ¬(A!a & z [R]az] = z [R]az] & ¬az [R]az])
8510      using "∀E" by blast
8511    AOT_hence (A!a & z [R]az] = z [R]az])  az [R]az]
8512      by (metis "&I" "deduction-theorem" "raa-cor:3")
8513    moreover AOT_have z [R]az] = z [R]az]
8514      by (rule "=I") "cqt:2[lambda]"
8515    ultimately AOT_have az [R]az]
8516      using a_prop[THEN "&E"(1)] "→E" "&I" by blast
8517    AOT_thus az [R]az] & ¬az [R]az]
8518      using 0 "&I" by blast
8519  qed
8520  AOT_hence y(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
8521    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(1), rotated])
8522       "cqt:2"
8523  then AOT_obtain b where b_prop:
8524    A!b & z [R]az] = z [R]bz] & ¬bz [R]az]
8525    using "∃E"[rotated] by blast
8526  AOT_have a  b
8527    apply (rule "≡dfI"[OF "=-infix"])
8528    using a_enc b_prop[THEN "&E"(2)]
8529    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a"
8530          "raa-cor:3" "reductio-aa:1" by fast
8531  AOT_hence A!a & A!b & a  b & z [R]az] = z [R]bz]
8532    using b_prop "&E" a_prop "&I" by meson
8533  AOT_hence y (A!a & A!y & a  y & z [R]az] = z [R]yz]) by (rule "∃I")
8534  AOT_thus xy (A!x & A!y & x  y & z [R]xz] = z [R]yz]) by (rule "∃I")
8535qed
8536
8537AOT_theorem "aclassical:3":
8538  Fxy(A!x & A!y & x  y &  [F]x] =  [F]y])
8539proof(rule GEN)
8540  fix R
8541  AOT_obtain a where a_prop:
8542    A!a & F (a[F]  y(A!y & F = z [R]y] & ¬y[F]))
8543    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8544  AOT_have den: z [R]a] by "cqt:2[lambda]"
8545  AOT_have a_enc: az [R]a]
8546  proof (rule "raa-cor:1")
8547    AOT_assume 0: ¬az [R]a]
8548    AOT_hence ¬y(A!y & z [R]a] = z [R]y] & ¬yz [R]a])
8549      by (safe intro!: a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ=«z [R]a]»],
8550                THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
8551                THEN "≡E"(1), rotated] "cqt:2") 
8552    AOT_hence y ¬(A!y & z [R]a] = z [R]y] & ¬yz [R]a])
8553      using "cqt-further:4" "→E" by blast
8554    AOT_hence ¬(A!a & z [R]a] = z [R]a] & ¬az [R]a]) using "∀E" by blast
8555    AOT_hence (A!a & z [R]a] = z [R]a])  az [R]a]
8556      by (metis "&I" "deduction-theorem" "raa-cor:3")
8557    AOT_hence az [R]a]
8558      using a_prop[THEN "&E"(1)] "→E" "&I"
8559      by (metis "rule=I:1" den)
8560    AOT_thus az [R]a] & ¬az [R]a]  by (metis "0" "raa-cor:3") 
8561  qed
8562  AOT_hence y(A!y & z [R]a] = z [R]y] & ¬yz [R]a])
8563    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), OF den, THEN "≡E"(1), rotated])
8564  then AOT_obtain b where b_prop: A!b & z [R]a] = z [R]b] & ¬bz [R]a]
8565    using "∃E"[rotated] by blast
8566  AOT_have 1: a  b
8567    apply (rule "≡dfI"[OF "=-infix"])
8568    using a_enc b_prop[THEN "&E"(2)]
8569    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a"
8570          "raa-cor:3" "reductio-aa:1" by fast
8571  AOT_have a:  [R]a] = ([R]a)
8572    apply (rule "lambda-predicates:3[zero]"[axiom_inst, unvarify p])
8573    by (meson "log-prop-prop:2")
8574  AOT_have b:  [R]b] = ([R]b)
8575    apply (rule "lambda-predicates:3[zero]"[axiom_inst, unvarify p])
8576    by (meson "log-prop-prop:2")
8577  AOT_have  [R]a] =  [R]b]
8578    apply (rule "rule=E"[rotated, OF a[THEN id_sym]])
8579    apply (rule "rule=E"[rotated, OF b[THEN id_sym]])
8580    apply (rule "identity:4"[THEN "≡dfI", OF "&I", rotated])
8581    using b_prop "&E" apply blast
8582    apply (safe intro!: "&I")
8583    by (simp add: "log-prop-prop:2")+
8584  AOT_hence A!a & A!b & a  b &  [R]a] =  [R]b]
8585    using 1 a_prop[THEN "&E"(1)] b_prop[THEN "&E"(1), THEN "&E"(1)]
8586          "&I" by auto
8587  AOT_hence y (A!a & A!y & a  y &  [R]a] =  [R]y]) by (rule "∃I")
8588  AOT_thus xy (A!x & A!y & x  y &  [R]x] =  [R]y]) by (rule "∃I")
8589qed
8590
8591AOT_theorem aclassical2: xy (A!x & A!y & x  y & F ([F]x  [F]y))
8592proof -
8593  AOT_have x y ([A!]x & [A!]y & x  y &
8594               z xy F ([F]x  [F]y)]zx] =
8595               z xy F ([F]x  [F]y)]zy])
8596    by (rule "aclassical:1"[THEN "∀E"(1)[where τ="«xy F ([F]x  [F]y)]»"]])
8597       "cqt:2"
8598  then AOT_obtain x where y ([A!]x & [A!]y & x  y &
8599               z xy F ([F]x  [F]y)]zx] =
8600               z xy F ([F]x  [F]y)]zy])
8601    using "∃E"[rotated] by blast
8602  then AOT_obtain y where 0: ([A!]x & [A!]y & x  y &
8603               z xy F ([F]x  [F]y)]zx] =
8604               z xy F ([F]x  [F]y)]zy])
8605    using "∃E"[rotated] by blast
8606  AOT_have z xy F ([F]x  [F]y)]zx]x
8607    by (auto intro!: "β←C"(1) "cqt:2";
8608        simp add: "&I" "ex:1:a" prod_denotesI "rule-ui:3"
8609                  "oth-class-taut:3:a" "universal-cor")
8610  AOT_hence z xy F ([F]x  [F]y)]zy]x
8611    by (rule "rule=E"[rotated, OF 0[THEN "&E"(2)]])
8612  AOT_hence xy F ([F]x  [F]y)]xy
8613    by (rule "β→C"(1))
8614  AOT_hence F ([F]x  [F]y)
8615    using "β→C"(1) old.prod.case by fast
8616  AOT_hence [A!]x & [A!]y & x  y & F ([F]x  [F]y)
8617    using 0 "&E" "&I" by blast
8618  AOT_hence y ([A!]x & [A!]y & x  y & F ([F]x  [F]y)) by (rule "∃I")
8619  AOT_thus xy ([A!]x & [A!]y & x  y & F ([F]x  [F]y)) by (rule "∃I"(2))
8620qed
8621
8622AOT_theorem "kirchner-thm:1":
8623  x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8624proof(rule "≡I"; rule "→I")
8625  AOT_assume x φ{x}]
8626  AOT_hence x φ{x}] by (metis "exist-nec" "vdash-properties:10")
8627  moreover AOT_have x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8628  proof (rule "RM:1"; rule "→I"; rule GEN; rule GEN; rule "→I")
8629    AOT_modally_strict {
8630      fix x y
8631      AOT_assume 0: x φ{x}]
8632      moreover AOT_assume F([F]x  [F]y)
8633      ultimately AOT_have x φ{x}]x  x φ{x}]y
8634        using "∀E" by blast
8635      AOT_thus (φ{x}  φ{y})
8636        using "beta-C-meta"[THEN "→E", OF 0] "≡E"(6) by meson
8637    }
8638  qed
8639  ultimately AOT_show xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8640    using "→E" by blast
8641next
8642  AOT_have xy(F([F]x  [F]y)  (φ{x}  φ{y})) 
8643            y(x(F([F]x  [F]y) & φ{x})  φ{y})
8644  proof(rule "RM:1"; rule "→I"; rule GEN)
8645    AOT_modally_strict {
8646      AOT_assume xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8647      AOT_hence indisc: φ{x}  φ{y} if F([F]x  [F]y) for x y
8648        using "∀E"(2) "→E" that by blast
8649      AOT_show (x(F([F]x  [F]y) & φ{x})  φ{y}) for y
8650      proof (rule "raa-cor:1")
8651        AOT_assume ¬(x(F([F]x  [F]y) & φ{x})  φ{y})
8652        AOT_hence (x(F([F]x  [F]y) & φ{x}) & ¬φ{y}) 
8653                   (¬(x(F([F]x  [F]y) & φ{x})) & φ{y})
8654          using "≡E"(1) "oth-class-taut:4:h" by blast
8655        moreover {
8656          AOT_assume 0: x(F([F]x  [F]y) & φ{x}) & ¬φ{y}
8657          AOT_obtain a where F([F]a  [F]y) & φ{a}
8658            using "∃E"[rotated, OF 0[THEN "&E"(1)]]  by blast
8659          AOT_hence φ{y}
8660            using indisc[THEN "≡E"(1)] "&E" by blast
8661          AOT_hence p & ¬p for p
8662            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8663        }
8664        moreover {
8665          AOT_assume 0: (¬(x(F([F]x  [F]y) & φ{x})) & φ{y})
8666          AOT_hence x ¬(F([F]x  [F]y) & φ{x})
8667            using "&E"(1) "cqt-further:4" "→E" by blast
8668          AOT_hence ¬(F([F]y  [F]y) & φ{y})
8669            using "∀E" by blast
8670          AOT_hence ¬F([F]y  [F]y)  ¬φ{y}
8671            using "≡E"(1) "oth-class-taut:5:c" by blast
8672          moreover AOT_have F([F]y  [F]y)
8673            by (simp add: "oth-class-taut:3:a" "universal-cor")
8674          ultimately AOT_have ¬φ{y} by (metis "¬¬I" "∨E"(2))
8675          AOT_hence p & ¬p for p
8676            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8677        }
8678        ultimately AOT_show p & ¬p for p
8679          using "∨E"(3) "raa-cor:1" by blast
8680      qed
8681    }
8682  qed
8683  moreover AOT_assume xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8684  ultimately AOT_have y(x(F([F]x  [F]y) & φ{x})  φ{y})
8685    using "→E" by blast
8686  AOT_thus x φ{x}]
8687    by (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2"
8688qed
8689
8690AOT_theorem "kirchner-thm:2":
8691  x1...xn φ{x1...xn}]  x1...∀xny1...∀yn
8692    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8693proof(rule "≡I"; rule "→I")
8694  AOT_assume x1...xn φ{x1...xn}]
8695  AOT_hence x1...xn φ{x1...xn}] by (metis "exist-nec" "→E")
8696  moreover AOT_have x1...xn φ{x1...xn}]  x1...∀xny1...∀yn
8697    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8698  proof (rule "RM:1"; rule "→I"; rule GEN; rule GEN; rule "→I")
8699    AOT_modally_strict {
8700      fix x1xn y1yn :: 'a AOT_var›
8701      AOT_assume 0: x1...xn φ{x1...xn}]
8702      moreover AOT_assume F([F]x1...xn  [F]y1...yn)
8703      ultimately AOT_have x1...xn φ{x1...xn}]x1...xn 
8704                           x1...xn φ{x1...xn}]y1...yn
8705        using "∀E" by blast
8706      AOT_thus (φ{x1...xn}  φ{y1...yn})
8707        using "beta-C-meta"[THEN "→E", OF 0] "≡E"(6) by meson
8708    }
8709  qed
8710  ultimately AOT_show x1...∀xny1...∀yn(
8711    F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})
8712  )
8713    using "→E" by blast
8714next
8715  AOT_have 8716    (x1...∀xny1...∀yn
8717      (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})))
8718     y1...∀yn
8719        ((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8720         φ{y1...yn})
8721  proof(rule "RM:1"; rule "→I"; rule GEN)
8722    AOT_modally_strict {
8723      AOT_assume x1...∀xny1...∀yn
8724        (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8725      AOT_hence indisc: φ{x1...xn}  φ{y1...yn}
8726        if F([F]x1...xn  [F]y1...yn) for x1xn y1yn
8727        using "∀E"(2) "→E" that by blast
8728      AOT_show (x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8729                φ{y1...yn} for y1yn
8730      proof (rule "raa-cor:1")
8731        AOT_assume ¬((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8732                    φ{y1...yn})
8733        AOT_hence ((x1...∃xn(F([F]x1...xn  [F]y1...yn)
8734                    & φ{x1...xn}))
8735                    & ¬φ{y1...yn}) 
8736                  (¬(x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))
8737                   & φ{y1...yn})
8738          using "≡E"(1) "oth-class-taut:4:h" by blast
8739        moreover {
8740          AOT_assume 0: (x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))
8741                         & ¬φ{y1...yn}
8742          AOT_obtain a1an where F([F]a1...an  [F]y1...yn) & φ{a1...an}
8743            using "∃E"[rotated, OF 0[THEN "&E"(1)]]  by blast
8744          AOT_hence φ{y1...yn}
8745            using indisc[THEN "≡E"(1)] "&E" by blast
8746          AOT_hence p & ¬p for p
8747            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8748        }
8749        moreover {
8750          AOT_assume 0: ¬(x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))
8751                         & φ{y1...yn}
8752          AOT_hence x1...∀xn ¬(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})
8753            using "&E"(1) "cqt-further:4" "→E" by blast
8754          AOT_hence ¬(F([F]y1...yn  [F]y1...yn) & φ{y1...yn})
8755            using "∀E" by blast
8756          AOT_hence ¬F([F]y1...yn  [F]y1...yn)  ¬φ{y1...yn}
8757            using "≡E"(1) "oth-class-taut:5:c" by blast
8758          moreover AOT_have F([F]y1...yn  [F]y1...yn)
8759            by (simp add: "oth-class-taut:3:a" "universal-cor")
8760          ultimately AOT_have ¬φ{y1...yn}
8761            by (metis "¬¬I" "∨E"(2))
8762          AOT_hence p & ¬p for p
8763            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8764        }
8765        ultimately AOT_show p & ¬p for p
8766          using "∨E"(3) "raa-cor:1" by blast
8767      qed
8768    }
8769  qed
8770  moreover AOT_assume x1...∀xny1...∀yn
8771    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8772  ultimately AOT_have y1...∀yn
8773    ((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8774     φ{y1...yn})
8775    using "→E" by blast
8776  AOT_thus x1...xn φ{x1...xn}]
8777    by (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2"
8778qed
8779
8780AOT_theorem "kirchner-thm-cor:1":
8781  x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8782proof(rule "→I"; rule GEN; rule GEN; rule "→I")
8783  fix x y
8784  AOT_assume x φ{x}]
8785  AOT_hence xy (F ([F]x  [F]y)  (φ{x}  φ{y}))
8786    by (rule "kirchner-thm:1"[THEN "≡E"(1)])
8787  AOT_hence xy (F ([F]x  [F]y)  (φ{x}  φ{y}))
8788    using CBF[THEN "→E"] by blast
8789  AOT_hence y (F ([F]x  [F]y)  (φ{x}  φ{y}))
8790    using "∀E" by blast
8791  AOT_hence y (F ([F]x  [F]y)  (φ{x}  φ{y}))
8792    using CBF[THEN "→E"] by blast
8793  AOT_hence (F ([F]x  [F]y)  (φ{x}  φ{y}))
8794    using "∀E" by blast
8795  AOT_hence F ([F]x  [F]y)  (φ{x}  φ{y})
8796    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
8797  moreover AOT_assume F([F]x  [F]y)
8798  ultimately AOT_show (φ{x}  φ{y}) using "→E" "ind-nec" by blast
8799qed
8800
8801AOT_theorem "kirchner-thm-cor:2":
8802  x1...xn φ{x1...xn}]  x1...∀xny1...∀yn
8803    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8804proof(rule "→I"; rule GEN; rule GEN; rule "→I")
8805  fix x1xn y1yn
8806  AOT_assume x1...xn φ{x1...xn}]
8807  AOT_hence 0: x1...∀xny1...∀yn
8808    (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8809    by (rule "kirchner-thm:2"[THEN "≡E"(1)])
8810  AOT_have x1...∀xny1...∀yn
8811    (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8812  proof(rule GEN; rule GEN)
8813    fix x1xn y1yn
8814    AOT_show (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8815      apply (rule "RM:1"[THEN "→E", rotated, OF 0]; rule "→I")
8816      using "∀E" by blast
8817  qed
8818  AOT_hence y1...∀yn (F ([F]x1...xn  [F]y1...yn) 
8819                         (φ{x1...xn}  φ{y1...yn}))
8820    using "∀E" by blast
8821  AOT_hence (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8822    using "∀E" by blast
8823  AOT_hence (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8824    using "∀E" by blast
8825  AOT_hence 0: F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})
8826    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
8827  moreover AOT_assume F([F]x1...xn  [F]y1...yn)
8828  moreover AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)] by "cqt:2"
8829  ultimately AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]x1...xn 
8830                       x1...xn F ([F]x1...xn  [F]y1...yn)]y1...yn
8831    using "∀E" by blast
8832  moreover AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]y1...yn
8833    apply (rule "β←C"(1))
8834      apply "cqt:2[lambda]"
8835     apply (fact "cqt:2[const_var]"[axiom_inst])
8836    by (simp add: RN GEN "oth-class-taut:3:a")
8837  ultimately AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]x1...xn
8838    using "≡E"(2) by blast
8839  AOT_hence F ([F]x1...xn  [F]y1...yn)
8840    using "β→C"(1) by blast
8841  AOT_thus (φ{x1...xn}  φ{y1...yn}) using "→E" 0 by blast
8842qed
8843
8844subsection‹Propositional Properties›
8845text‹\label{PLM: 9.12}›
8846
8847AOT_define propositional :: ‹Π  φ› (Propositional'(_'))
8848  "prop-prop1": Propositional([F]) df p(F = y p])
8849
8850AOT_theorem "prop-prop2:1": p y p]
8851  by (rule GEN) "cqt:2[lambda]"
8852
8853AOT_theorem "prop-prop2:2": ν φ]
8854  by "cqt:2[lambda]"
8855
8856AOT_theorem "prop-prop2:3": F = y p]  x([F]x  p)
8857proof (rule "→I")
8858  AOT_assume 0: F = y p]
8859  AOT_show x([F]x  p)
8860    by (rule "rule=E"[rotated, OF 0[symmetric]];
8861        rule RN; rule GEN; rule "beta-C-meta"[THEN "→E"])
8862      "cqt:2[lambda]"
8863qed
8864
8865AOT_theorem "prop-prop2:4": Propositional([F])  Propositional([F])
8866proof(rule "→I")
8867  AOT_assume Propositional([F])
8868  AOT_hence p(F = y p])
8869    using "≡dfE"[OF "prop-prop1"] by blast
8870  then AOT_obtain p where F = y p]
8871    using "∃E"[rotated] by blast
8872  AOT_hence (F = y p])
8873    using "id-nec:2" "modus-tollens:1" "raa-cor:3" by blast
8874  AOT_hence p (F = y p])
8875    using "∃I" by fast
8876  AOT_hence 0: p (F = y p])
8877    by (metis Buridan "vdash-properties:10")
8878  AOT_thus Propositional([F])
8879    using "prop-prop1"[THEN "≡Df"]
8880    by (AOT_subst Propositional([F]) p (F = y p])) auto
8881qed
8882
8883AOT_define indicriminate :: ‹Π  φ› ("Indiscriminate'(_')")
8884  "prop-indis": Indiscriminate([F]) df F & (x [F]x  x [F]x)
8885
8886AOT_theorem "prop-in-thm": Propositional([Π])  Indiscriminate([Π])
8887proof(rule "→I")
8888  AOT_assume Propositional([Π])
8889  AOT_hence p Π = y p] using "≡dfE"[OF "prop-prop1"] by blast
8890  then AOT_obtain p where Π_def: Π = y p] using "∃E"[rotated] by blast
8891  AOT_show Indiscriminate([Π])
8892  proof (rule "≡dfI"[OF "prop-indis"]; rule "&I")
8893    AOT_show Π
8894      using Π_def by (meson "t=t-proper:1" "vdash-properties:6")
8895  next
8896    AOT_show (x [Π]x  x [Π]x)
8897    proof (rule "rule=E"[rotated, OF Π_def[symmetric]];
8898           rule RN; rule "→I"; rule GEN)
8899      AOT_modally_strict {
8900        AOT_assume x y p]x
8901        then AOT_obtain a where y p]a using "∃E"[rotated] by blast
8902        AOT_hence 0: p by (metis "β→C"(1))
8903        AOT_show y p]x for x
8904          apply (rule "β←C"(1))
8905            apply "cqt:2[lambda]"
8906           apply (fact "cqt:2[const_var]"[axiom_inst])
8907          by (fact 0)
8908      }
8909    qed
8910  qed
8911qed
8912
8913AOT_theorem "prop-in-f:1": Necessary([F])  Indiscriminate([F])
8914proof (rule "→I")
8915  AOT_assume Necessary([F])
8916  AOT_hence 0: x1...∀xn [F]x1...xn
8917    using "≡dfE"[OF "contingent-properties:1"] by blast
8918  AOT_show Indiscriminate([F])
8919    by (rule "≡dfI"[OF "prop-indis"])
8920       (metis "0" "KBasic:1" "&I" "ex:1:a" "rule-ui:2[const_var]" "→E") 
8921qed
8922
8923AOT_theorem "prop-in-f:2": Impossible([F])  Indiscriminate([F])
8924proof (rule "→I")
8925  AOT_modally_strict {
8926    AOT_have x ¬[F]x  (x [F]x  x [F]x)
8927      by (metis "∃E" "cqt-orig:3" "Hypothetical Syllogism" "→I" "raa-cor:3")
8928  }
8929  AOT_hence 0: x ¬[F]x  (x [F]x  x [F]x)
8930    by (rule "RM:1")
8931  AOT_assume Impossible([F])
8932  AOT_hence x ¬[F]x
8933    using "≡dfE"[OF "contingent-properties:2"] "&E" by blast
8934  AOT_hence 1: (x [F]x  x [F]x)
8935    using 0 "→E" by blast
8936  AOT_show Indiscriminate([F])
8937    by (rule "≡dfI"[OF "prop-indis"]; rule "&I")
8938       (simp add: "ex:1:a" "rule-ui:2[const_var]" 1)+
8939qed
8940
8941AOT_theorem "prop-in-f:3:a": ¬Indiscriminate([E!])
8942proof(rule "raa-cor:2")
8943  AOT_assume Indiscriminate([E!])
8944  AOT_hence 0: (x [E!]x  x [E!]x)
8945    using "≡dfE"[OF "prop-indis"] "&E" by blast
8946  AOT_hence x [E!]x  x [E!]x
8947    using "KBasic:13" "vdash-properties:10" by blast
8948  moreover AOT_have x [E!]x
8949    by (simp add: "thm-cont-e:3")
8950  ultimately AOT_have x [E!]x
8951    by (metis "vdash-properties:6")
8952  AOT_thus p & ¬p for p
8953    by (metis "≡dfE" "conventions:5" "o-objects-exist:5" "reductio-aa:1")
8954qed
8955
8956AOT_theorem "prop-in-f:3:b": ¬Indiscriminate([E!]-)
8957proof (rule "rule=E"[rotated, OF "rel-neg-T:2"[symmetric]];
8958       rule "raa-cor:2")
8959  AOT_assume Indiscriminate(x ¬[E!]x])
8960  AOT_hence 0: (x x ¬[E!]x]x  x x ¬[E!]x]x)
8961    using "≡dfE"[OF "prop-indis"] "&E" by blast
8962  AOT_hence x x ¬[E!]x]x  x x ¬[E!]x]x
8963    using "→E" "qml:1" "vdash-properties:1[2]" by blast
8964  moreover AOT_have x x ¬[E!]x]x
8965    apply (AOT_subst x ¬E!x]x ¬E!x for: x)
8966    apply (rule "beta-C-meta"[THEN "→E"])
8967     apply "cqt:2"
8968    by (metis (full_types) "B◇" RN "T◇" "cqt-further:2"
8969                           "o-objects-exist:5" "→E")
8970  ultimately AOT_have 1: x x ¬[E!]x]x
8971    by (metis "vdash-properties:6")
8972  AOT_hence x ¬[E!]x
8973    by (AOT_subst (reverse) ¬[E!]x  x ¬[E!]x]x for: x)
8974       (auto intro!: "cqt:2" "beta-C-meta"[THEN "→E"])
8975  AOT_hence x ¬[E!]x by (metis "CBF" "vdash-properties:10")
8976  moreover AOT_obtain a where abs_a: O!a
8977    using "∃E" "o-objects-exist:1" "qml:2"[axiom_inst] "→E" by blast
8978  ultimately AOT_have ¬[E!]a using "∀E" by blast
8979  AOT_hence 2: ¬[E!]a by (metis "≡dfE" "conventions:5" "reductio-aa:1")
8980  AOT_have A!a
8981    apply (rule "=dfI"(2)[OF AOT_abstract])
8982     apply "cqt:2[lambda]"
8983    apply (rule "β←C"(1))
8984      apply "cqt:2[lambda]"
8985    using "cqt:2[const_var]"[axiom_inst] apply blast
8986    by (fact 2)
8987  AOT_thus p & ¬p for p using abs_a
8988    by (metis "≡E"(1) "oa-contingent:2" "reductio-aa:1")
8989qed
8990
8991AOT_theorem "prop-in-f:3:c": ¬Indiscriminate(O!)
8992proof(rule "raa-cor:2")
8993  AOT_assume Indiscriminate(O!)
8994  AOT_hence 0: (x O!x  x O!x)
8995    using "≡dfE"[OF "prop-indis"] "&E" by blast
8996  AOT_hence x O!x  x O!x
8997    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
8998  moreover AOT_have x O!x
8999    using "o-objects-exist:1" by blast
9000  ultimately AOT_have x O!x
9001    by (metis "vdash-properties:6")
9002  AOT_thus p & ¬p for p
9003    by (metis "o-objects-exist:3" "qml:2"[axiom_inst] "raa-cor:3" "→E")
9004qed
9005
9006AOT_theorem "prop-in-f:3:d": ¬Indiscriminate(A!)
9007proof(rule "raa-cor:2")
9008  AOT_assume Indiscriminate(A!)
9009  AOT_hence 0: (x A!x  x A!x)
9010    using "≡dfE"[OF "prop-indis"] "&E" by blast
9011  AOT_hence x A!x  x A!x
9012    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
9013  moreover AOT_have x A!x
9014    using "o-objects-exist:2" by blast
9015  ultimately AOT_have x A!x
9016    by (metis "vdash-properties:6")
9017  AOT_thus p & ¬p for p
9018    by (metis "o-objects-exist:4" "qml:2"[axiom_inst] "raa-cor:3" "→E")
9019qed
9020
9021AOT_theorem "prop-in-f:4:a": ¬Propositional(E!)
9022  using "modus-tollens:1" "prop-in-f:3:a" "prop-in-thm" by blast
9023
9024AOT_theorem "prop-in-f:4:b": ¬Propositional(E!-)
9025  using "modus-tollens:1" "prop-in-f:3:b" "prop-in-thm" by blast
9026
9027AOT_theorem "prop-in-f:4:c": ¬Propositional(O!)
9028  using "modus-tollens:1" "prop-in-f:3:c" "prop-in-thm" by blast
9029
9030AOT_theorem "prop-in-f:4:d": ¬Propositional(A!)
9031  using "modus-tollens:1" "prop-in-f:3:d" "prop-in-thm" by blast
9032
9033AOT_theorem "prop-prop-nec:1": p (F = y p])  p(F = y p])
9034proof(rule "→I")
9035  AOT_assume p (F = y p])
9036  AOT_hence p (F = y p])
9037    by (metis "BF◇" "→E")
9038  then AOT_obtain p where (F = y p])
9039    using "∃E"[rotated] by blast
9040  AOT_hence F = y p]
9041    by (metis "derived-S5-rules:2" emptyE "id-nec:2" "→E")
9042  AOT_thus p(F = y p]) by (rule "∃I")
9043qed
9044
9045AOT_theorem "prop-prop-nec:2": p (F  y p])  p(F  y p])
9046proof(rule "→I")
9047  AOT_assume p (F  y p])
9048  AOT_hence (F  y p]) for p
9049    using "∀E" by blast
9050  AOT_hence (F  y p]) for p
9051    by (rule "id-nec2:2"[unvarify β, THEN "→E", rotated]) "cqt:2"
9052  AOT_hence p (F  y p]) by (rule GEN)
9053  AOT_thus p (F  y p]) using BF[THEN "→E"] by fast
9054qed
9055
9056AOT_theorem "prop-prop-nec:3": p (F = y p])  p(F = y p])
9057proof(rule "→I")
9058  AOT_assume p (F = y p])
9059  then AOT_obtain p where (F = y p]) using "∃E"[rotated] by blast
9060  AOT_hence (F = y p]) by (metis "id-nec:2" "→E")
9061  AOT_hence p(F = y p]) by (rule "∃I")
9062  AOT_thus p(F = y p]) by (metis Buridan "→E")
9063qed
9064
9065AOT_theorem "prop-prop-nec:4": p (F  y p])  p(F  y p])
9066proof(rule "→I")
9067  AOT_assume p (F  y p])
9068  AOT_hence p (F  y p]) by (metis "Buridan◇" "→E")
9069  AOT_hence (F  y p]) for p
9070    using "∀E" by blast
9071  AOT_hence F  y p] for p
9072    by (rule "id-nec2:3"[unvarify β, THEN "→E", rotated]) "cqt:2"
9073  AOT_thus p (F  y p]) by (rule GEN)
9074qed
9075
9076AOT_theorem "enc-prop-nec:1":
9077  F (x[F]  p(F = y p]))  F(x[F]  p (F = y p]))
9078proof(rule "→I"; rule GEN; rule "→I")
9079  fix F
9080  AOT_assume F (x[F]  p(F = y p]))
9081  AOT_hence F (x[F]  p(F = y p]))
9082    using "Buridan◇" "vdash-properties:10" by blast
9083  AOT_hence 0: (x[F]  p(F = y p])) using "∀E" by blast
9084  AOT_assume x[F]
9085  AOT_hence x[F] by (metis "en-eq:2[1]" "≡E"(1))
9086  AOT_hence p(F = y p])
9087    using 0 by (metis "KBasic2:4" "≡E"(1) "vdash-properties:10")
9088  AOT_thus p(F = y p])
9089    using "prop-prop-nec:1"[THEN "→E"] by blast
9090qed
9091
9092AOT_theorem "enc-prop-nec:2":
9093  F (x[F]  p(F = y p]))  F(x[F]  p (F = y p]))
9094  using "derived-S5-rules:1"[where Γ="{}", simplified, OF "enc-prop-nec:1"]
9095  by blast
9096
9097(*<*)
9098end
9099(*>*)